Companies are taking cybersecurity seriously following the release of proposed rules by the Securities and Exchange Commission, according to a study by Diligent.
Of the companies polled, 90% have adopted a heightened cybersecurity posture.
That is also being driven by the fact that 40% cite data breaches as their top risk to revenue growth, followed by security and fraud (37%) and economic slowdown/recession (37%).
The biggest cybersecurity risks are social engineering (17%), cloud vulnerabilities (13%) and third-party exposure (11%).
The study also found that:
40% say the ability to protect information is the top reputational risk, followed by social responsibility (38%) and data breaches (37%.
45% say data management is their firm’s top compliance risk. Next are corruption or fraud (42%) and workplace health and safety (41%).
38% believe supply-chain issues are the leading overall risk, while 35% cite social responsibility and 33% market volatility as the top security risks.
In addition, 42% say the inability to connect data from disparate systems to paint a holistic picture of risk is a significant challenge. And 40% say the same about the inability to automate workflows.
Meanwhile, 42% struggle with lack of buy-in from the board while 37% are challenged in communicating top risks to the board.
Diligent surveyed 450 senior risk, compliance and security professionals in the U.S.