Cybersecurity threat viewed as ‘top risk’ for Asian companies

As cyberattacks become more aggressive and sophisticated, Asian companies have taken notes on those incidents and viewed cybersecurity and data privacy as their priority people-related risk, according to a report by Mercer Marsh Benefit (MMB).

MMB surveyed over 600 human resources and risk professionals from Asia, and found that only 48%, or less than half of the respondents, believed that their organizations have effective cybersecurity policies. Moreover, 45% of them also stated that they face obstacles to manage cybersecurity and data privacy-related risks due to the lack of skilled resources who understand and address it. HR technology obsolescence has also been identified as a growing concern – while 76% of respondents noted that they have begun addressing the issue, only 45% said that they have been able to implement digital processes which benefit administration and talent management.

In the report, Joan Collar, Asia and Pacific regional leader of MMB, said “As the pandemic continues to accelerate digitalization, it is no surprise that cyber risks are considered as the top people-related risk in Asia”. He also noted that reskilling and upskilling workers to ensure their up-to-date competence on technological development and changing work landscape are important steps that should be taken by companies, especially because 95% of cybersecurity issues can be attributed to human error. When workers are burnt-out and fatigued due to ongoing pressure and anxiety, especially in the current pandemic-affected situation, they might unintentionally do cybersecurity and identity-related mistakes. Mistakes can also happen due to the lack of training and older systems still being used in the production setting.

The report also highlighted that the companies’ approach to solve immediate threats may jeopardize the well-being of their employees. While 89% of respondents said that they prioritize the health and safety of their employees, there are a lot of hidden welfare-related risks that are ranked much lower in their priorities, such as diversity, equity, and inclusion (DE&I), mental health, workforce exhaustion, and work-related illness and injuries. Worryingly, only two companies surveyed by MMB have stated that they planned an investment to address those hidden risks in the next 12-24 months.

Furthermore, less than half the companies surveyed have invested in those aforementioned lower-priority risks. Only 48% of those companies have “effective, transparent and measurable plans to advance DE&I”, and 45% have “effective training, communication, and engagement strategies to strengthen company purpose, values, and ethics”.
Addressing the findings, Collar further said, “Companies need to adopt a more holistic approach to develop and engage their workforce and be very mindful of blind spots on the horizon, particularly around DE&I and ethics which are key to attracting and retaining the right people.” He also said that talent and benefit practices should align with the values of the organization, and should also address important issues such as climate change policy, equity, and inclusion, as well as equitable access to benefits.