96% of Hong Kong's C-Suite fear impact of cyber-attack on businesses

Hackers targeting more high-profile preys.

The number of high-profile victims of hacking continues to grow. In recent months they have included global brands such as Home Depot, Target and Sony PlayStation, as well as regional telecoms firms.

According to a release from PwC, with each case, the complexity of cyber-attacks and the extent to which they expose businesses is becoming more apparent.

During a series of seminars looking at the business impact of cyber-attacks, PwC surveyed participants and discovered that 96% are concerned about the impact of cyber-attacks, and 72% have this threat on their risk register.

Further, only 20% of organisations have rehearsed their response to a cyber-attack, even though 65% regularly conduct crisis management exercises.

The report also said that as high-profile cases proliferate and trust becomes more vital, companies realise that it’s not ‘if’, but ‘when’ a crisis might hit.

Here's more from PwC:

PwC’s view is that cyber threats are still considered an IT issue, despite their strategic implications.

Cyber-attacks differ materially from other types of crisis that a business might encounter,” explains Kenneth Wong, Cyber Security Lead Partner for PwC China & Hong Kong.

“By the time you become aware of an incident, you may have been under attack for months. Understanding the extent of the damage inflicted on your business may not be straightforward.”

Preparedness for a cyber-attack is also important because of the ever-closer scrutiny from the media, the public and regulators when a company has to announce that its security has been compromised.

But global PwC surveys show that while companies grasp the scale of the problem, they also acknowledge that they do not consider themselves sufficiently ready to cope with a cyber-attack.

“Particularly as e-commerce grows, customers really have to trust the companies they deal with,” says Ramesh Moosa, Cybercrime Lead Partner for PwC China & Hong Kong. “They need to feel confident that the company is doing all it can to protect them and that – if there is a cyber-attack – the company will be completely honest with them from the very start.”

In response to this growing need, PwC in China and Hong Kong has been running a series of cyber-crisis simulations for its clients.

These give clients the opportunity to understand the complexities of responding to a cyber-attack.

They can appreciate how a cyber-attack affects the whole business and not just IT, and to practise communicating with stakeholders.

“Being completely prepared may be difficult to achieve,” says Mr Wong. “But companies absolutely must rehearse their response to cyber-attacks. Their customers will expect nothing less.”