What's keeping senior executives up at night? A new global survey of business executives by global consulting firm Protiviti gives us a glimpse inside their heads, and perhaps not unsurprisngly, cyber security now comes high on the list of worries for many.
Out of the top ten biggest concerns for the c-suite in the year ahead, cyber threats have jumped to number three, up three rank positions from last year. It seems that, following last year's string of incidents, the boardroom is becoming aware of the operational and reputational damage that can come with a major breach. In fact more than half of the global survey respondents (53%) indicated that insufficient preparation to manage cyber threats is a risk that will 'significantly impact' their organisations this year.
> See also: Been breached? here's a 10 step reaction plan
'Given encouraging signs in the economy, we’ve observed an overall shift in focus from macroeconomic risks to operational risks, which had the greatest increase in risk scores from 2014,' said Mark Beasley, Deloitte professor of enterprise risk management and NC State ERM initiative director. 'Notably, however, CEO respondents remained extremely focused on macro trends affecting their business.'
For the third consecutive year, regulatory changes and heightened regulatory scrutiny ranked as the number one risk on the minds of board members and corporate executives; 67% indicated that it will 'significantly impact' their organisations.
The survey findings also suggest that while the business environment in 2015 will be somewhat less risky than in the previous two years, most of the business leaders surveyed indicated that they are more likely to invest in additional risk management resources in 2015.
The top 10 C-suit risks for 2015
Regulatory changes and heightened regulatory scrutiny may affect the manner in which our products or services will be produced or delivered – 67%
Economic conditions in markets we currently serve may significantly restrict growth opportunities for our organisation – 56%
Our organisation may not be sufficiently prepared to manage cyber threats that have the potential to significantly disrupt our core operations and/or damage our brand – 53%
Our organisation’s succession challenges and ability to attract and retain top talent may limit our ability to achieve operational targets – 56%
Our organisation’s culture may not sufficiently encourage the timely identification and escalation of risk issues that have the potential to significantly affect our core operations and achievement of strategic objectives – 51%
Resistance to change may restrict our organisation from making necessary adjustments to the business model and core operations – 49%
Ensuring privacy/identity management and information security/system protection may require significant resources for us – 52%
Our organisation may not be sufficiently prepared to manage an unexpected crisis significantly impacting our reputation – 46%
Sustaining customer loyalty and retention may be increasingly difficult due to evolving customer preferences and/or demographic shifts in our existing customer base – 48%
Our existing operations may not be able to meet performance expectations related to quality, time to market, cost and innovation as well as our competitors – 46%