Cybercrime makes Top 10 risk list

Trends in economics, demographics and geopolitics along with rapid technology advancements are transforming traditional risks for global businesses, adding new urgency and complexity to old challenges, according to Aon’s 2017 Global Risk Management Survey.

The survey covered 1,843 respondents at public and private companies around the world. 

Results show that the Top 10 risks in Asia Pacific are (1) damage to reputation/brand; (2)    regulatory/legislative changes; (3) increasing competition; (4) failure to innovate/meet customer needs; (5) economic slowdown/slow recovery; (6) business interruption; (7) cybercrime/hacking/viruses/malicious codes; (8) failure to attract or retain top talent; (9) major project failure; and (10) political risk/uncertainties.

At No. 7, cybercrime enters the top 10 risk list for the first time in Asia Pacific as the frequency of cyber breaches increases and incident response plans become more complex due to regulation and mandatory disclosure obligations.

Organizations in Asia are 80% more likely to be targeted by hackers than other parts of the world with an average of 3.7GB of data stolen in each attack, amounting to hundreds of millions of records.

The regulatory landscape in Asia shifts towards more onerous data protection obligations for companies, led by China’s new Cybersecurity Law, effective June 1, 2017, which imposes strict rules regarding the transfer of data out of China. 

Companies in Asia with exposure to European Union citizen data must be aware of the General Data Protection Regulation from May 25, 2018, under which organizations, no matter where domiciled, can be fined up to 4% of global turnover for serious breaches.

In Singapore, the Personal Data Protection Commission began issuing fines for data breaches in 2016, and with a new Cyber Security Law set to be tabled in Parliament this year, companies must prepare for further government scrutiny of cyber risk preparedness and, possibly, mandatory reporting obligations in the event of a data breach.

Damage to reputation/brand is the top ranked risk by businesses in Asia Pacific, as defective products, fraudulent business practices, inappropriate staff behavior and corruption continue to be key threats to reputation.

Social media has amplified their impact, making companies more vulnerable. With both smartphone and mobile broadband subscriptions population penetration levels at more than 100% in Singapore and rising sharply across the region, these risks are becoming more volatile and difficult to prepare for and mitigate.