This is the last in a series of five extracts from EY’s EMEIA Fraud Survey 2017 – Human instinct or machine logic: which do you trust most to fight fraud and corruption? Visit ey.com/fraudsurveys/EMEIA to access the full version.
Companies continue to face the threat of cyber attacks by various actors, including sovereign states, organized crime and terrorist groups. When they occur, such breaches can have a highly disruptive impact on a company’s operations potentially resulting in higher operating costs, the loss of intellectual property and the leak of confidential information.
EY’s EMEIA Fraud Survey 2017 identifies that in the key growth-target regions of India and Africa, 72% and 58% of respondents, respectively, considered cyber attacks to pose a high risk to companies similar to their own. Overall, almost half of those interviewed shared this view. Given the broad-based recognition of the problem, it is therefore unsurprising that 59% of our respondents believed that their company should have a Cyber Breach Response Program (CBRP) in place.
Cyber breach response – expectations versus reality
Respondents to our survey indicated, however, that awareness of such programs differs starkly between senior executives and more junior employees. While over half of all board directors and senior managers feel that their company has a CBRP in place, only 1 in 3 of other employees believed that their company had such a program.
Lack of awareness among employees is concerning
Given that the effectiveness of any CBRP is dependent on the awareness and involvement of the company’s cross-functional stakeholders, this apparent lack of awareness among employees is concerning. If employees do not know how to escalate their concerns, issues that appear minor or localized may be left unreported. This may prevent the company from taking appropriate action to assess, investigate and respond in the event of a potential incident, impacting a company’s ability to reduce the extent of the damage incurred.
Visit ey.com/fraudsurveys/EMEIA to find out more on cyber risk management and discover how EY can help with this, and other topics raised in this year’s EMEIA Fraud Survey. The site also includes a new Interactive Results Comparison Tool to help you explore how results compare across different countries and industry sectors.