A new survey by Kroll has revealed the extent of over-confidence among Chief Financial Officers (CFOs) and the organisational and financial impact of this approach.
Our new CFO cybersecurity survey, which surveyed 180 CFOs, CEOs and other financial executives worldwide, has highlighted the fact that Chief Financial Officers are very confident in their companies’ abilities to ward off cyber security incidents, despite being underinformed on the cyber risk their businesses face.
Almost 87% of the surveyed executives expressed this confidence, yet 61% of them had suffered at least three significant cyber incidents in the previous 18 months.
The CFOs also put a price tag on the cyberattacks they had suffered in the previous 18 months: between $10 million and $25 million for about one-third of companies who suffered a significant security incident, and more than $25 million for almost 16% of the companies.
The survey shows a sharp disconnect between the confidence that CFOs have in their organizations’ cyber security abilities, and the actual, significant damage that cyber incidents are inflicting.
Key findings from the survey include:
- 71% of CFOs have suffered more than $5 million in financial losses stemming from cyber incidents in the last 18 months.
- More than 7 out of 10 of the executives in the survey said their companies suffered a loss of valuation of 5% or more following their largest cyber security incident in the last 18 months.
- Cyber security spending is increasing: 45% of respondents plan to increase the percentage of their overall IT budget dedicated to information security by at least 10%.
In response to the findings, the report shares recommendations to help CFOs and other business leaders take steps towards a stronger security posture.