Less than one in four IT leaders think firms are well prepared for cyber attacks

According to Harvey Nash and KPMG’s latest survey of CIOs, just 22 per cent feel their organisations are “very well-positioned” to identify and deal with cyber attacks – a figure that has dropped seven per cent since 2014, when it stood at 29 per cent.

This statistic will be concerning for IT leaders when 43 per cent of those questioned think an attack would cause great damage to their brand and profits. Another 45 per cent said short- or medium-term damage may be done but no long-term harm would occur.

“The results show that IT leaders see security as an escalating challenge,” summarised Dr Jonathan Mitchell, non-executive chair of Harvey Nash’s global CIO practice, in the report’s executive summary. “Nearly a third reported that they had to respond to a major security incident in the last two years.”

However, 68 per cent of CIOs said they are confident in the ability of their companies’ boards to recognise the risks posed by a cyber attack.

As part of the report, IT leaders were asked what keeps them awake at night, and cyber security was present among their most pressing concerns.

“For me, personally, security is front-of-mind with the growing threat of cyber attacks,” said Katie Docherty, who is CIO at HSBC Bank Australia, as part of the report.

“The threats are becoming far more complex and the methods of delivery more targeted, particularly with the rise in spear phishing campaigns.”

Security also ranked highly when the CIOs were asked about the biggest barriers to moving into the cloud, with data loss and privacy risks the top concern for 49 per cent.