Your run out of cash. That is a risk but one you can at least control.
The number 1 risk to business today is one you don’t control and you may not know if you have already been exposed or when you will be. It is not a question of IF, rather a question of WHEN.
That risk is cybercrime.
Who’s on the line?
So who is accountable for this pernicious risk?
Here is the result of a 2015 survey by the NYSE.
What are the consequences?
There is potential for significant costs and reputational damage and that is why cybercrime must be on the Board’s agenda every time they meet.
In the UK the maximum civil fine that be imposed by the ICO is £500,000.
Under the EU General Data Protection Regulation (effective May 2018) that increases to Euro 20M or 4% of global turnover whichever is the greater. That fine will take some explaining to shareholders.
The other damaging risk is to the market value of the business. That market value is in part based on reputation and can account for 38% (FTSE100) and 36% (FTSE350) of the valuation of a business.
You can now understand why this is on the CEO’s desk. If a business lost 38% of its value to a known risk like cybercrime then you might call it bad luck but more likely call for the head of the CEO.
Thanks and recognition to Kate Miller of Project Associates (UK) Ltd who presented this information at a meeting of the FT Non-Executive Directors Club on 10th May 2016 and for the sponsorship of Santander of the meeting.
Fighting back (breaking news)
On 10th May 2016 wired.com reported that IBM Watson was to lead the fight on cybercrime. Click here to read the article.