Dive Brief:
- The threat of cyberattacks represents the most serious challenge for businesses in the coming year, the advisory firm Kroll said in a report published Thursday.
- Roughly three-quarters of respondents said their cybersecurity and privacy concerns had increased over the past year, with nearly half citing malware and more than a third citing data extortion as specific fears.
- Kroll’s survey of 1,200 respondents from more than 20 countries, conducted in February, provides some measure of how businesses are thinking about and dealing with cyber worries as global tensions escalate.
Dive Insight:
Governments around the world have responded to cyber risks by imposing new security and privacy regulations on businesses, but Kroll’s report finds that many businesses remain uncertain about their ability to comply with these new rules.
“When it comes to addressing the patchwork of global data privacy laws and the impact on their businesses, just 12% of respondents globally ranked their organizations as ‘extremely prepared,’” Kroll said in its report. The average business gave itself a 7.4 score out of 10.
The European Union has enacted some of the strictest privacy regulations, but European companies were the least confident, on average, in their compliance capabilities, with an average score of 6.7. Kroll said the lower score “likely reflects a greater awareness of compliance challenges,” as multinational companies study “new U.S. privacy requirements [coming] online at the state level.”
“European companies operating internationally are increasingly concerned about the changes they’ll need to make to their existing privacy programs to stay compliant,” Tiernan Connolly, a managing director in Kroll’s Europe, Middle East and Africa cyber- and data-resilience practice, said in the report.
Financial-services firms and technology companies reported the highest level of preparedness among industries, with an average score of 7.7, which Kroll attributed to the fact that they both regularly handle sensitive data.
Kroll’s survey contains an important and worrying data point about companies that reported compliance concerns: “Of those concerned, less than half have increased budgets, expanded teams, upskilled their workforce or hired external experts to prepare for the cyber and data privacy challenges ahead,” the report said.
When it comes to companies’ growing adoption of artificial intelligence, 93% of respondents in the survey said they had integrated AI into their businesses, with 50% saying they were using it for cybersecurity and IT.
But many of these companies are still improvising when it comes to adding AI to their systems. “Of those already using AI, 63% do not have AI transparency or explainability efforts in place,” Kroll said, “and 59% have not implemented any AI policies and guidance for employees.”
