2 in 5 firms underestimate their level of risk

More than two in every five firms, 45% globally and 41% in Singapore. may be miscalculating the severity of threats to their business, new research from Veritas suggests.

Veritas commissioned Vanson Bourne to survey 1,600 respondents in August and September 2023 across Australia, Brazil, China, the DACH region (Germany, Austria and Switzerland), France, India, Japan, the Nordics, Singapore, South Korea, the United Arab Emirates, the United Kingdom and the United States.

Results show that despite risk factors like interest rates and inflation pressing hard on organisations, ransomware and multi-cloud complexity are also growing concerns for businesses of all kinds. 

However, when survey respondents in Singapore were initially asked whether their organisations were currently at risk, 41% said “no.” 

After being presented with a list of individual risk factors, respondents of all levels recognised the challenges facing their organisations with all then identifying a risk to their organisation. 

Participants across the world identified data security (46%), economic uncertainty (38%) and emerging technologies, such as AI (36%), as the top threats faced by their organisations today, from among an extensive list of possible hazards. 

Traditional threats like competition and a shortage of talent took fourth and fifth place. Geopolitical instability fell even further down the list to seventh place. 

In Singapore, respondents identified economic uncertainty (40%), competition (40%), data security (36%) and emerging technologies such as AI (35%) as the top threats faced by their organisations. 

Additionally, 87% of those surveyed globally admitted they had experienced a negative impact from risks, including reputational and financial harm. 

When asked which risks had resulted in actual damage to their organisations, data security was again highest (40%), followed by economic uncertainty (36%), damages from competition (35%) and emerging technologies such as AI (33%). 

In Singapore, emerging technologies such as AI (39%), weak sustainability measures (37%), competition (35%) and data security (33%) were top risks that resulted in actual damage to organisations. 

The effects of data security breaches were underscored by the number of organisations who had been hit by ransomware attacks. 

About two-thirds (65% globally and 68% in Singapore) said that, over the past two years, their organisations had been the victim of at least one successful ransomware attack in which hackers were able to infiltrate their systems. 

About a quarter (26%) of respondents, both globally and in Singapore, who experienced a successful attack said they did not report it. 

Breaches that caused a failure to comply with regulatory requirements cost respondents’ organisations, on average, more than US$336,000 globally (and more than US$346,000 in Singapore) in regulatory compliance fines during the last year. 

For many respondents, the level of risk is rising. More than half (54% globally and 57% in Singapore) were likely to say risks to data security have increased rather than decreased (21% globally and 19% in Singapore) over the last 12 months. 

Yet, they may not fully appreciate their own vulnerabilities. For organisations around the world aiming to mitigate data security risks, many have increased their data protection budgets as much as 30% (31% in Singapore) over the last 12 months.

Along with staffing additions, organisations are exploring other ways to fortify their defenses. Despite ranking AI and emerging technologies as a top risk, 68% of respondents globally (65% in Singapore) are looking at AI and machine learning to boost security.

The research also appears to expose another chink in the armor with more than a third (37% globally and 43% in Singapore) reporting that they have no data recovery plan in place or have only a partial plan.