In the wake of Russia’s invasion of Ukraine and the shift to hybrid working, the Institute of Directors has found that 72% of business leaders view cyber risk as a significant concern for their organisation, with 58% believing that the risk of a cyber attack on their organisation has increased.

In its poll of nearly 600 directors, the IoD also found that 54% believe that every board member has enough expertise to understand the potential impact and value of cyber security in respect of their organisation. Reponses also suggest that 61% feel that their organisation has appropriate controls and monitoring mechanisms in place which assure them that their cyber security measures are effective.

Just under half (46%) of directors said their organisation ensures that cyber security is considered in every business decision, while 54% said that their organisation has an incident management plan in place for cyber attacks

Dr Roger Barker, director of policy at the IoD, said: “The results of our survey provide evidence that many businesses are taking cyber security seriously, but a higher level of awareness and expertise is needed on boards of directors in view of the unprecedented shift to home working and heightened geopolitical tensions.

“Hybrid working is here to stay. However, a remote workforce brings with it enhanced cyber risks, with employees relying on their home networks – and sometimes their own devices – to complete tasks. Companies have not yet fully adjusted to this reality.”

Cybersecurity authorities have warned that Russia’s invasion of Ukraine exposes organisations both within and beyond the region to increased malicious cyber activity. With 46% of survey respondents stating that their organisation is able to access cyber insurance cover, it suggests that there could be a potentially dangerous gap.

Barker added: “A significant proportion of IoD members are concerned about their ability to access cyber insurance cover. During the last year, cyber insurance rates have increased significantly, and there are uncertainties around what is and isn’t covered by insurance, particularly with respect to exposure to state-sponsored cyber attacks.”

Share Story: