In the wake of Russia’s invasion of Ukraine and the shift to hybrid working, the Institute of Directors has found that 72% of business leaders view cyber risk as a significant concern for their organisation, with 58% believing that the risk of a cyber attack on their organisation has increased.
In its poll of nearly 600 directors, the IoD also found that:
- 54% believe that every board member has enough expertise to understand the potential impact and value of cyber security in respect of their organisation
- 61% state that their organisation has appropriate controls and monitoring mechanisms in place which assure them that their cyber security measures are effective
- 46% state that their organisation ensures that cyber security is considered in every business decision
- 54% state that their organisation has an incident management plan in place for cyber attacks
- 46% state that their organisation is able to access cyber insurance cover
Dr Roger Barker, the Institute’s director of policy, said: “The results of our survey provide evidence that many businesses are taking cyber security seriously. However, a higher level of awareness and expertise is needed on boards of directors in view of the unprecedented shift to home working and heightened geopolitical tensions.
“Hybrid working is here to stay. However, a remote workforce brings with it enhanced cyber risks, with employees relying on their home networks – and sometimes their own devices – to complete tasks. Companies have not yet fully adjusted to this reality.
“Furthermore, cybersecurity authorities have warned that Russia’s invasion of Ukraine exposes organisations both within and beyond the region to increased malicious cyber activity.
“A significant proportion of IoD members are concerned about their ability to access cyber insurance cover. During the last year, cyber insurance rates have increased significantly, and there are uncertainties around what is and isn’t covered by insurance, particularly with respect to exposure to state-sponsored cyber attacks.
“The National Cyber Security Centre is a key source of guidance for companies seeking to address current cyber challenges. In particular, the NCSC’s toolkit for board members represents an essential reference point for directors in their oversight of cyber security.”