Cybersecurity tops business risks, say internal auditors

A new survey has found the top three risks faced by businesses across Europe are: cybersecurity (78%), regulatory change (59%) and digitalisation (58%). The survey of 528 Chief Internal Auditors (125 from the UK and Ireland) is part of the Chartered IIA’s Risk in Focus 2020 report. The report recommends a number of ways that businesses can increase protection against cyber threats, including:

• Assessing how their customer service chatbots are protected against breaches.
• Recruiting an internal or external cybersecurity expert to minimise corporate risks.
• Reviewing the security of their cloud services – including ensuring robust systems and processes are in place to prevent misconfigurations.

The increasing burden of regulatory change felt by businesses with the introduction of GDPR and new legal frameworks for online payments is analysed by Risk in Focus 2020. It advises businesses to consider whether they are taking a sufficiently forward-looking approach to regulatory changes e.g. a regulatory implementation calendar.

Risk in Focus 2020 also focuses on digitalisation and advances in technology e.g. AI and blockchain. The report includes guidance for business to consider whether they have sufficient capacity and capabilities to innovate and if projects are sufficiently controlled and appropriately measured.

Cybersecurity and digitalisation have both appeared in the top three risks over the last two years. This year, the number of Chief Internal Auditors citing cybersecurity as a top five risk has increased by 18%, further strengthening its position as the clear number one risk.

Dr Ian Peters MBE, Chief Executive of the Chartered Institute of Internal Auditors, said: “For the second year running, cybersecurity has been identified as the number one business risk faced by organisations in Europe. Cybersecurity is a problem we regularly see on the news from the theft of 500 million Marriott hotel guests’ personal information, to the security breach which exposed 50 million Facebook user identities.”

Between March and May 2019, 528 Chief Internal Auditors from UK, Ireland, Belgium, France, Germany, Italy, Netherlands, Spain and Sweden took part in a quantitative survey for Risk in Focus 2020.