More than half of the world’s CFOs, including those in Australia, have changed their approach to risk management under pressure from the “speed” of evolving threats they face, research from insurance broker Lockton has found.
About 66% say their risk attitude has changed since the beginning of the year in response to increased risk exposure.
The cyber breaches at Optus and Medibank reflect the scale of the risks facing CFOs, who say they are unwilling to grapple with the myriad of systemic challenges, a list that includes supply chain disruptions, technology, geopolitical tensions and Litigation threats.
“In Australia, the recent cyber attacks on a telecom company and a major insurer show that a major cyber event is not an isolated risk or problem,” said Paul Marsden, CEO of Lockton Pacific.
“These events permeate all parts of a business and they spread quickly.”
Mr Marsden says in the case of Medibank, which confirmed it didn’t have cyber insurance, the insurer now has to “take a bill in the millions”.
“Litigation risk is looming large with future shareholder class action lawsuits,” he said. “These are the actual risk velocity implications and outcomes.”
The Lockton report is based on a survey of 475 CFOs and senior finance executives, including 50 in Australia and 12 in New Zealand. Respondents represent companies with at least $100 million (US$149 million) in annual revenue and come from sectors such as energy, financial services, healthcare and telecommunications.
In other key findings, the survey reveals a large shift in risk perception between the first quarter of this year and the third quarter.
The survey states that CFOs’ concerns about the velocity of risk in the areas of technology, cybersecurity and people risks increased exponentially during the period.
About 67% of respondents are most concerned about technology risk, followed by cybersecurity (37%), human risk (31%), economic risk (14%) and supply chain risk (6%).
“The reality for today’s organizations is that they routinely deal with risk events for which there is no specific playbook,” states the Lockton report.
“Organizations will continue to face a disruptive, complex and dynamic landscape. Decision makers need to ensure their operating model is resilient and flexible enough to accommodate rapid strategy shifts.”
According to Lockton, the survey results reflect the view that increasing risk velocity should change the way CFOs view and respond to risk events in order to create a sustainable organization.