Two in five CEOs not addressing cyber breaches

Two in five CEOs not addressing cyber breaches

By Pádraig Hoare

Two in five Irish chief executives are not addressing cyber breaches, a global report into data privacy protection has found.

The survey by PwC of 9,500 chief executives in more than 120 countries found just half have an accurate inventory of employee and customer personal data.

PwC’s latest Irish chief executive survey found almost nine out of 10 Irish CEOs are concerned about cyber threats, but 40% are not addressing security breaches.

Less than half of bosses globally conduct compliance audits of third parties who handle customer and employee data, or plan to boost investment in this area in 2018. Less than a third (31%) say corporate board members directly participate in a review of current security and privacy risks.

Only one in three had started a general data protection regulation (GDPR) assessment at the beginning of 2018.

The GDPR was ratified in 2016 following four years of negotiation, replacing the existing directive on data protection.

Unlike an EU directive, which can be implemented over a certain time, the regulation will be made law once it begins in May, meaning penalties can be imposed from day one.

The regulation is designed to harmonise data privacy laws across Europe and to protect citizens’ data privacy. It not only applies to organisations within the EU but also to firms that do business inside member states.

If companies fail to comply with the regulation, they can be fined up to 4% of annual global turnover, or €20m.

PwC Ireland cyber leader Pat Moran said the survey’s findings were worrying.

“GDPR is just around the corner and it is disappointing that the survey suggests that organisations are not doing enough to protect data privacy.

“Using data in more innovative ways opens the door to both more opportunities and more risks. In our experience, there are few companies building cyber and privacy risk management into their digital transformation.

“Understanding the most common risks, including lack of awareness about data collection and retention activities, is a starting point for developing a data-use governance framework,” he said.

Overall, businesses in Europe lag behind their North American counterparts in developing an overall information security strategy, said PwC.

More in this Section

Government to consider legal right for workers to switch off outside working hoursGovernment to consider legal right for workers to switch off outside working hours

Trump’s desire to acquire Greenland is not ‘crazy’Trump’s desire to acquire Greenland is not ‘crazy’

Consumer confidence flashes red for TrumpConsumer confidence flashes red for Trump

Apple €13bn tax appeal hearing next monthApple €13bn tax appeal hearing next month


Incarcerated in Auschwitz and other Nazi death camps Zuzana Ruzickova somehow survived and went on to create the complete recordings of her beloved Bach, writes James Lawless.Book review: Nazi horrors replaced by brutal Soviets for piano player

The Menu was delighted to make recent mention of a new UCC postgraduate diploma in Irish food culture and is equally pleased to announce availability of two new bursaries for same.The Menu: Food news with Joe McNamee

George Orwell’s classic novel foretold a lot, but the manner in which we’ve handed over our personal data to faceless corporatocracies is doubleplus-ungood, says Suzanne Harrington.How we sleepwalked into George Orwell’s nightmarish vision

Esther N McCarthy has her eye (and ear) on party speakers for your BBQ, spots a rug that’s out of this world, and revels in all that’s on offer for Heritage Week and Cork Craft Month.Your interiors wish list: Party speakers, Heritage Week and Cork Craft Month

More From The Irish Examiner