Current

    Australian executives believe risk and security issues will worsen in severity over the next 12 months. 


    Cybersecurity ranks as the number-one concern for businesses, followed by financial, legal and regulatory risks, a new report has found. In partnership with YouGov, McGrathNicol surveyed more than 300 C-suite executives and board directors across Australian businesses with 50 or more employees.

    Cyber risk was a top-five concern for 2024 for 68 per cent of organisations, the highest of any risk category. The report found 71 per cent of organisations don’t conduct due diligence on their key suppliers’ cybersecurity practices, and over 75 per cent don’t require mandatory reporting of cyber or data breaches affecting their suppliers.

    While 87 per cent of surveyed organisations were confident their business has a comprehensive insider risk management program in place, less than a third have implemented fundamental insider risk controls. Only 28 per cent use a risk- based vetting and due diligence framework for employees and suppliers or contractors, while only 27 per cent have education/awareness programs in place, and just 18 per cent have appointed an authority accountable for insider risk.

    Most enterprise risk management programs (80 per cent) now include supply chain risk as a core pillar. Similar to last year’s results, most organisations (74 per cent) acknowledge internal issues in addressing supply chain challenges due to a shortage of expertise, insufficient data and visibility tools, budgetary constraints and competing priorities.

    Regulatory bodies have shifted focus from market education and awareness to enforcement. In addition, new legislation has been introduced on areas including payment times and wage underpayments. The government has made changes to the Privacy Act 1988 and the Security of Critical Infrastructure Act 2018, which regulates critical infrastructure assets from 11 key industries in Australia. As a result, more than 55 per cent of surveyed business leaders see legal/regulatory risk as a top concern, and 27 per cent expect these risks will continue to increase in severity.

    Access the report here

    This article first appeared under the headline 'Cybersecurity remind top concern’ in the October 2024 issue of Company Director magazine.  

    Latest news

    This is of of your complimentary pieces of content

    This is exclusive content.

    You have reached your limit for guest contents. The content you are trying to access is exclusive for AICD members. Please become a member for unlimited access.