Four in ten UK CEOs believe it’s no longer a case of “if” a cyber-attack will happen as it is now an inevitability, according to research from KPMG.

The professional services firm surveyed 150 UK leaders and a further 1,150 CEOs from around the world about their future investment plans and the challenges facing their companies.

The results showed that 39% of UK CEOs believed that they will be targeted by a cyber-attack. The percentage was higher globally, with almost half of international CEOs feeling the same way.  Bernard Brown, vice chair at KPMG in the UK, said that the findings show how high up the agenda cybersecurity has become for businesses.

“The seeming inevitability of a cyber-attack crosses all borders and has now crossed firmly over the threshold for the board-level discussions,” he said.  “Protecting the business from a cyber-attack has jumped further up the boardroom agenda and we are seeing businesses making their defences the best they can be.”

The survey found that UK business leaders believe that a strong cybersecurity strategy is critical to engendering trust with key stakeholders, with 74% agreeing that cybersecurity is an enabler of trust, compared to 55% of global CEOs. According to the report, cyber awareness amongst UK leaders is changing, with 39% believing that their organisations are either “very well” or “well” prepared for a future cyber-attack.

CEOs also believe that cybersecurity specialists are an effective part of the business with 45% of UK CEOs seeing their value, coming second to data scientists who are seen as being effective by 62% of the CEOs asked.

“It’s encouraging to see that CEOs are developing a more mature understanding of what cyber security actually means. They are beginning to ask more awkward and searching questions of their IT teams. What are the challenges that face us specifically, what risks are we carrying, what do we need to be resilient to a cyber-attack?” Brown added.

“Organisations are spending more time planning for worst case scenarios, running simulations and thinking in detail about how they would deal with the uncertainties that arise during a cyber breach.”   Source: Cyber Security Intelligence