Not if, but when: in the face of increasing cyber risks, businesses must have a strong safety net

10 November 2022
  • Mazars global study shows more than half of C-suite leaders (54%) think cyber threats have increased vs previous year
  • Over a third (36%) say a significant breach is likely in their own company in 2022
  • But confidence is high: 68% of business leaders consider their company’s data to be “completely protected”

Mazars, the international audit, tax and advisory firm, has released its cyber security report: is your safety net strong enough? According to research amongst more than 1,000 C-suite executives worldwide, cyber security is now a major preoccupation among corporate leaders. Effective cyber defence has become a delicate balancing act for many businesses; having a strong safety net that can cushion any eventual fall is paramount.

Robert Kastenschmidt, Partner and Head of Consulting at Mazars says: “Cyber threats are all around us. This is not paranoia, it’s an unfortunate reality: every day brings new hacks, new data leaks, new embarrassment - and new costs, both financial and commercial. Nobody is spared. Collectively, we are getting better at preventing and detecting cyber break-ins and limiting their damage, but no system is fool proof. The technological advances that can protect us also provide cyber criminals with more advanced tools including artificial intelligence that can keep them several steps ahead of the organisations they target.”

Getting real about rising cyber risk

Our research shows that business leaders feel cyber threats are growing, with more than one in three bracing for a significant attack somewhere in their organisation in the next 12 months.

The perceived change is highest in the United States and Europe, with more than 60% seeing rising dangers. Large companies with more than $1 billion in annual revenue appear the most concerned but criminals don’t discriminate, probing everyone for vulnerabilities, regardless of size.

When talking about the risks of cyberattacks, no company is secure enough, no matter if it’s a small or a big one. Indeed, we can say those small businesses are more at risk because they don’t invest as much as the bigger companies in staff and technology. But nevertheless, it is not impossible to protect yourself if you’re small. It just requires a lot of careful planning.

Bring it on: gauging readiness for cyber security

Despite their concern about cyber risk, most companies express confidence about their ability to protect themselves in the event of an attack. More than two-thirds of business leaders (68%) tell us that they feel their organisation’s data is “completely protected”. Confidence is highest in the United States, where 80% of respondents feel completely protected.

For C-suite executives worldwide, cyber risk largely translates into fear of financial risk. More than half (56%) of the business leaders we surveyed put financial losses at the top of the list of the biggest risks to their organisation regarding cyber security and data protection.

Confidence or complacency?

Many companies, especially those in the most exposed sectors such as banking and retail, have accumulated a deep understanding of both the risks and the organisation-wide response and recovery strategies needed to deal effectively with cyber threats. But there is sometimes a gap between the IT reality and managers’ confidence about the extent of the protection.

The retail sector, for example, is at risk all the time. When you handle private data from clients, including credit card numbers, you have to be extra safe. And retailers are taking cyber security seriously – they have been doing so for years, and this is the reason why they seem confident.

Not if, but when: five pillars of defence

A robust defence against cyberattacks depends on your ability to identify, prevent, and then detect attacks. Post-attack response and recovery need to be carefully planned and extensively tested. In our report we explore these five pillars of smart defence against cyber threats: identification, prevention, detection, response and recovery.

Strengthening the cyber safety net

Cyber threats are here to stay—and they will get worse. That is the sober reality of C-suite sentiment, as reflected in our annual barometer. Business leaders have no choice but to live with that reality and deal with it as best they can. Many are confident they can withstand significant attacks, but why tempt fate? Mazars’ six key takeaways for surviving and thriving in a cyber-scary world are designed to spur action, with relevance not just for business leaders and IT teams but for all employees.

Romanian C-suite leaders, concerned about their data protection

Just like it was expected, the risk regarding cyber-attacks is increasing. An important factor of this increase is represented by the geopolitical conflicts and threats, which can lead to state-sponsored attacks on essential infrastructures and services.

The increasing reliance that companies have on technology, as a business decision-making tool, by including Artificial Intelligence (AI) and big data processing, is also driving investments in data protection and identity-systems as a response to the attacks. Within the sustainable strategies of development of these companies, there will always exist a relationship between the development investments of each business and the protection measures from these attacks.

Based on our annual C-suite barometer, in Romania, only 31% C-suite leaders feel their data is “completely” protected, vs. 68% globally. Two-thirds feel that they’re likely to have a data breach next year, vs. roughly one-third globally. For most businesses, it’s not a question of if you will suffer a cyberattack but when. It can cause huge damage, not just reputationally, but also commercially and financially. Businesses need to ensure they are as robust and resilient as possible to withstand cyber threats.

Horațiu Nistor Senior Manager, IT Audit & Advisory

Click here to download the full report. 





About the study 

The Mazars C-suite barometer was designed and conducted by GQR Research, in collaboration with Mazars. The data was gathered via an online survey at the end of 2021 with a total sample of N=1,130.


Emilia Popa, Head of Marketing and Communication, Mazars Romania / +40 741 111 042

About Mazars

Mazars is an internationally integrated partnership, specialising in audit, accountancy, advisory, tax, and legal services*. Operating in over 90 countries and territories around the world, we draw on the expertise of more than 44,000 professionals – 28,000+ in Mazars’ integrated partnership and 16,000+ via the Mazars North America Alliance – to assist clients of all sizes at every stage in their development.

*where permitted under applicable country laws. | Mazars on LinkedIn

About Mazars in Romania

In Romania, Mazars has 27 years of experience in audit, tax, financial advisory, outsourcing, and consulting. Our strength lies in the people we work with – the local team has 300 professionals. | Mazars Romania on LinkedIn