Few readers will be surprised that cyberattacks are high on the list of threats facing businesses in the technology, media and telecommunications (TMT) sector.
In Willis Towers Watson’s TMT Risk Index, cyberattacks are the fourth-greatest risk facing the sector, and the greatest threat to technology firms. Cyberattacks are also the highest-ranked risk in the operational complexity and vulnerability megatrend.
Of course, all firms face some risk from cyberattacks – from hacks committed by lone individuals to hostile acts from foreign governments. The scale and nature of the risk does, however, vary markedly between industries – with the TMT sector no exception.
Different sectors, different threats
Within TMT, technology and telecoms hardware firms are perhaps most concerned about protecting their intellectual property. Telecoms operators are likely to focus on the impact of cyberattacks on operational resilience, while media firms are perhaps more concerned about protecting personal data.
Technology firms consider cyberattacks to be the greatest risk they face. But it is services companies, rather than manufacturers, that fear cyberattacks most of all. This subsector rated the impact of the risk as 7.3 out of 10.
Telecoms equipment companies put the risk outside the top five threats they face, but at the same time, they believe cyberattacks could have a severe impact on their businesses.
However, in our research, media firms are the least concerned about cyberthreats, despite some high-profile attacks against companies in the industry, especially in the subsector of digital and gaming. In fact, these firms ranked cyberthreats as 39th out of 40 – a surprising observation, given hackers’ recent focus on online gaming brands.
Looking at the data by region, North American and northern European firms have similar views of the impact of cyberattacks (rating the threat as severe, with scores of 7.5 and 7.6 out of 10 respectively). But while northern European firms put the risk at the top of their rankings, in eastern Europe, cyberattacks only rank 37th out of 40.
This suggests varying levels of maturity around cyber, as well as cultural and legal differences. It is possible that firms in eastern Europe are less aware of the risks than their northern European counterparts, or have experienced fewer attacks.
Prevention and cure
Nonetheless, companies across the TMT sector do need to act to reduce their risks. Many are already taking steps, not least by making cyberthreats a board-level issue.
This will help. But given the scale of the cyberthreat, no company can guarantee complete security. Resilience – how a business will cope if it is attacked – is as important as blocking attacks in the first place. No cybersecurity measure is infallible, so firms need to work with their risk advisers to ensure that a cyberattack is a disruption rather than a disaster.
Click here to learn more about comprehensive cybersecurity from Willis Towers Watson.