• Register
Return to: Home > News > Financial Results > Organisations are still at high risk of common cyber-attacks

Organisations are still at high risk of common cyber-attacks

Cyber-attacks pose high risks for organisations as common attacks remain successful in exploiting vulnerabilities already known to the organisations, and only 12% think they are likely to detect a sophisticated cyberattack, according to a survey by EY.

The 20th annual EY Global Information Security survey (GISS) of 1,200 C-suite level leaders from global organisations found that malware (64% compared to 52% last year) and phishing (64% compared to 51% last year) were perceived as the rising threats of the last 12 months. Although, the threat of internal attacks, and attacks to steal financial information, IP or data have dropped. Additionally, 77% agreed the vulnerability of careless or unaware employees was the most likely attack source.

Currently, 75% of respondents rated the maturity of their vulnerability identification as “very low to moderate” and 12% have no formal breach detection program in place, with 35% describing these policies as ad-hoc or non-existent. Therefore, 56% are concerned about increasing cyber threat impacts and are planning to change their strategies due to increasing cyber threats, risks and vulnerabilities from increased connectivity and technology.

However, 87% of respondents said they require 50% more funding in order to address this, and 90% expect higher budgets this year, with 12% expecting to receive an increase of more than 25%. However, in order to improve preparedness, 52% do have a Security Operations Center (SOC) and 43% have an informal threat intelligence program.

While 50% said that they report to the board regularly, only 24% said the person with responsibility for cybersecurity sits on their board and 17% think boards have sufficient cybersecurity knowledge for oversight. Twenty percent admitted they did not have enough current information on security implications and vulnerabilities to conduct a review.

Top Content

    Nigeria: building compliance and engagement

    Opportunities created by regulatory and legislative changes in Nigeria are tempered by the fragile state of the economy, although practitioners are generally confident that conditions will improve over the next few years if appropriate steps are taken. Paul Golden reports.

    read more

    Ghana: a quest for consistency

    Ghana’s current economic profile would suggest a fertile landscape for purveyors of accounting services. But inconsistent approaches to compliance and application of standards – coupled with problems in the banking sector and consequent liquidity constraints – have created a challenging environment. Paul Golden writes.

    read more

    Drone technology: audit takes to the skies

    The movement towards a digitised era has already impacted the auditing profession in a number of ways, from blockchain to artificial intelligence. Now firms are taking to sky and using drone technology in their audits. Mishelle Thurai speaks to Big Four firms to find out more.

    read more

    SBC: a new alliance joins the market

    Jonathan Minter speaks to Paul Tutin, chair of founding firm Streets Chartered Accountants, about why the business and its European partners took the decision to launch their own association.

    read more
Privacy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.