LONDON (Reuters) – Cyber and regulatory risk have become the biggest concerns for European business executives, overtaking political and economic risk, after several large cyber attacks and ahead of a major shake-up in data regulation, a survey showed on Friday.
Devastating events such as last year’s WannaCry and NotPetya attacks have focused attention on cyber risk, Dave Brosnan, chief executive of insurer CNA Hardy, which compiled the six-monthly survey, told Reuters.
“If you have a large number of well-publicised cyber attacks, you create concern in the boardroom,” he said.
Twenty-five percent of executives rate cyber risk as their highest concern, followed by 23 percent for regulatory risk, compared with 14 percent and eight percent six months ago, the survey of 450 executives from UK multinational firms and 50 executives from European multinationals showed.
The European Union General Data Protection Regulation (GDPR) enters into force on May 25 in the biggest overhaul of privacy rules since the birth of the internet.
“GDPR in May is one of the key themes for regulatory risk – only 50 percent of the companies surveyed believe they are ready for it,” Brosnan said.
The regulation gives members of the public more control over how their data is used as well as requiring businesses to report data breaches within 72 hours.
It drastically increases the penalties for non-compliance, which can go as high as 4 percent of global annual turnover or 20 million euros ($25 million), whichever is higher.
The CNA Hardy survey was carried out over four weeks in January and February 2018.
(Reporting by Carolyn Cohn; Editing by Adrian Croft)
