Less than 10% Businesses See Poor Security as Greatest Risk: Report | GBAF

Less than 10% Businesses See Poor Security as Greatest Risk: Report | GBAF

Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Top Stories > TWO-THIRDS OF SENIOR EXECUTIVES EXPECT TO SUFFER DATA SECURITY BREACH BUT FAIL TO RECOGNISE LONG-TERM DAMAGE, GLOBAL RISK:VALUE REPORT REVEALS

TWO-THIRDS OF SENIOR EXECUTIVES EXPECT TO SUFFER DATA SECURITY BREACH BUT FAIL TO RECOGNISE LONG-TERM DAMAGE, GLOBAL RISK:VALUE REPORT REVEALS

Published by Gbaf News

Posted on November 15, 2014

4 min read

Last updated: January 22, 2026

Data security breach concerns among senior executives in finance - Global Banking & Finance Review — The image illustrates the growing concern of data security breaches among senior executives, highlighting insights from the NTT Com Security Risk:Value report. This visual emphasizes the disconnect between perceived risks and actual long-term impacts on businesses in the finance sector.

NTT Com Security research reveals less than 10% see poor security as greatest risk to business

Information security is low down on the list of risks to the business, a new report from global information security and risk management company, NTT Com Security, reveals. The Risk:Value report, based on a survey of 800 senior business decision-makers (not in an IT role) in Australia, France, Germany, Hong Kong, Norway, Sweden, UK and US, is designed to determine the level of risk in large organisations and the value that senior executives place on data and information security.

While nearly two-thirds (63%) of respondents expect to suffer a security breach at some point, less than one in ten (9%) see ‘poor data security’ as the greatest risk to their business. Respondents are most likely to see risks coming from competitors taking market share, lack of employee skills and decreasing profits.

Senior executives also fail to recognise the long-term damage – both in terms of time and money – that a security breach might have on their business. Over half (59%) agree there would be minimal long-term damage, although a significant number report that their organisation would suffer reputational damage (60%) and loss of customer confidence (56%) if data was stolen. When it comes to the financial impact of a security breach, respondents estimate that their revenue would drop, on average, by 8%. However, 17% expect it to have no impact at all on revenue, while a quarter (25%) admit they do not know what the financial implications would be.

“The concern here is whether senior business decision makers recognise the risks to their organisation, as well as understand the value of good data security. There seems to be a worrying level of indifference,” according to Garry Sidaway, Senior Vice President Security Strategy & Alliances, NTT Com Security. “When we asked respondents what they associate with the term data security, only half believe it is ‘vital’ to the business, less than half see it as ‘good practice’ and less than a quarter see it as ‘a business enabler’. The majority unfortunately still associates security with data protection or privacy.

“The report also suggests that there is still a disconnect between the cost of data breaches and the importance organisations place on IT security to drive these costs down. With security incidents making headlines daily, and costs soaring for a major breach – up to $1.8m (1.4m Euros) on average for a large organisation^[1] – a security incident can have far-reaching implications, from damaging a company’s reputation and share price to its ability to attract the very best talent.”

The global Risk:Value report highlights four key areas: Data Policies, Data Security, Impact of a Data Security Breach and Personal Knowledge/Behaviour:

Data policies in the business

On average 10% of an organisation’s IT budget is spent on data/information security, although 16% of respondents do not know the amount spent.
Around half (49%) regard data security as ‘expensive’ and 18% see it as ‘disruptive’.
Over half (57%) have a formal data security policy in place, but less than half (47%) have a business or disaster recovery plan in place in the event of a breach.

Data Security

Less than half (44%) report that allof their critical data is ‘completely secure’.
55% of respondents report that (consumer) customer data is vitally important to the success of their business, but only 38% report that all customer data is ‘completely secure’.
45% report that business performance data is vitally important to their business, but only 31% admit that all of this data is ‘completely secure’.

Impact of a data security breach

Around three-quarters (72%) say it is vital their organisation is insured for security breaches.
Less than half (48%) say their company insurance covers for both data loss and a security breach.
A quarter do not know what they are insured for in the event of data security breach.

Personal knowledge and behavior

Less than half (41%) are not kept up to date by the IT security team about data attacks and potential threats.
28% rely upon their own judgment of what is ‘safe behaviour’ when using/accessing work-related data, but a fifth (21%) state data security is a joint responsibility between them and the IT team.

Simon Church, CEO for NTT Com Security, adds: “Most business decision makers are not primarily concerned with the challenges or risks faced by their organisations that relate to technology. As an industry, we need to be much smarter at educating businesses about the wider implications of data breaches, and help move the information security dial from ‘important’ to ‘vital’, so that it becomes an essential part of a company’s overall risk posture and valued as highly as profits and reputation.”

Risk Valufe infographic