Executive Summary

The European Commission suffered a 20% rise in attacks on its infrastructure in 2016. At a boardroom and government level,  fears are growing over state-sponsored attempts by cyber criminals, hacktivists and cyber terrorists to influence significant international events and  infiltrate critical infrastructure.

The R&D of this shadow economy could outpace that of global corporations and governments, so much so, that failure to future-proof themselves against the next wave of emerging threats could be devastating, from a reputational and financial perspective.

Politicians have voiced concerns over state-sponsored hacks to destabilise regions and release sensitive political information, using propaganda tools and by spreading false news on social media sites.

Never has the security and privacy of individuals and the ability of businesses to protect information been more at the forefront of daily news and significant events.

Cybercrime has become a game of world chess, one in which information is key.

DoubleThink, brought to you by Porter Novelli and Voce Communications provides a central hub of news analysis,  regulatory updates and worldwide attitudes towards privacy and cyber security.



Latest security update:

8th February: Just 1 in 20 FTSE 100 organisations have a cyber risk director

A study by Deloitte has revealed that just 5% of FTSE 100 companies have a director responsible for cyber risks, Financial Times reports.

While 71% of corporations identified IT systems failure in their principle concerns and a further 72% highlighted a cyber attack as a risk, the report suggests that firms have been slow to react to the emerging threat of cyber warfare.

Following a number of high-profile breaches and attacks on organisations including Lloyds Bank, Tesco, Deutsche Telekom and the NHS, the report’s results are somewhat surprising given that the number of attacks rose by 55% from 2015 to 2016.

Phill Everson, head of cyber risk services at Deloitte UK has said “The vast majority of FTSE 100 reports acknowledge the principal risk, but our analysis shows there were wide variations in the disclosure of cyber risk management and mitigation strategies.”

In the study, 11% of the reports mentioned the creation of a new role or body to take overall accountability for cyber risk, while more than half of organisations identified cyber contingency, crisis management or disaster recovery plans in their annual report.

Only 58% however disclosed that these plans had been simulated in test scenarios over the year.