Cybersecurity: 28% have no strategy

As in the last "swissVR Monitor" survey, the two topics of efficiency enhancement and process optimization top the list of board of directors' topics with 41%. And the importance of digitalization, robotics and automation is rated even higher than in the survey six months ago.

Cybersecurity is also discussed intensively
When talking about digitalization or even Industry 4.0, the far-sighted entrepreneur (or board of directors) should not forget the whole potential danger around cyber security. The association SwissVR has chosen cybersecurity as the focus topic for its latest survey - and thus struck a chord with board members, as SwissVR writes.

According to the latest "swissVR Monitor," 78% of respondents say cybersecurity has become more important, led by large companies (90%) and financial services providers (91%). No board member surveyed also finds that the relevance of cybersecurity has declined over the past three years. The topic area was discussed by a large majority of board respondents last year. This is hardly surprising after the various hacker attacks on Swiss companies. One need only think of the Ruag armaments group, which is concerned about security and was "successfully" attacked by Russian criminals in 2016.

28% have no strategy
Although cyber security is discussed at the carpet level, only 35 percent of those surveyed have a clear strategy in their company. Nevertheless - for another third such a strategy is under development, as the "swissVR Monitor II/2017" shows. 5% of the board members surveyed do not know whether there is even a cyber security strategy in the company. And a considerable proportion of 28% even emphasize that they have no strategy in place. I wonder if the relevance is underestimated here. A successful attack can lead to reputational damage, loss of important business data and other financial losses. Small and medium-sized companies in particular (33% and 34% respectively) lack a strategy, while only 12% of large companies have one, according to the Monitor.

37% lives without action plan
The figures also reflect this with regard to a clear action plan. One-third of respondents already have one in place and another third have one in development. 7% of respondents know nothing about an action plan and 30% say none is in place.
Why is there no such plan with the necessary action steps? In the construction, real estate, retail and consumer goods industries, the predominant statement is that cyber security is not a priority. For 37 percent - especially in the manufacturing and chemical industries - cyber security is part of the company's overall risk plan.

Responsibility lies with management
However, 80% of the board members surveyed also say that responsibility for the cybersecurity action plan lies at the operational level, i.e. management. Only 11 percent of the board members take care of the concrete action steps themselves.
The more Industry 4.0 becomes a reality, the more cybercrime will also increase. That is why it is surprising that three out of ten companies do not have a cybersecurity action plan, comment on the results of the "swissVR Monitor II/2017". (rs)