Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cybercrime enters top 10 business risks in Asia

Sri Narayanan | April 25, 2017
Increased cyber breaches and government scrutiny raise business compliance concerns.


For the first time, Asian enterprises have identified cybercrime as a critical business risk, according to Aon's 2017 Global Risk Management Survey. This follows global trends in economics, demographics and geopolitics which are transforming traditional risks for all businesses, adding new urgency and complexity to old challenges, the report found.

Conducted in the fourth quarter of 2016, Aon's 2017 Global Risk Management Survey gathered input from 1,843 respondents at public and private companies around the world, making it the largest response and one of the most comprehensive surveys of its kind.

Registering at number seven on the list of business risks, the inclusion of cybercrime reflects the increase in cyber breaches and the complexity of implementing incident response plans as regulation and mandatory disclosure obligations become more onerous. 

Researchers concluded that hackers are 80 percent more likely to target Asian organisations than in other parts of the world with an average of 3.7GB of data stolen in each attack, amounting to hundreds of millions of records. 

The compliance and regulatory framework is also shifting towards more onerous data protection requirements for companies, led by China's new Cybersecurity Law. Companies operating out of China will face stricter rules regarding the transfer of data out of China effective 1 June 2017.  Asian companies with exposure to EU citizen data will be governed by the General Data Protection Regulation (commencing 25 May 2018) and could be fined up to 4 percent of their global turnover for serious breaches.  

In Singapore, the Personal Data Protection Commission began issuing fines for data breaches in 2016, and with a new Cyber Security Law set to be tabled in Parliament this year, companies must prepare for further government scrutiny of cyber risk preparedness and, possibly, mandatory reporting obligations in the event of a data breach. 

The top 10 risks in Asia Pacific are:

  1. Damage to reputation/brand
  2. Regulatory/legislative changes 
  3. Increasing competition
  4. Failure to innovate/meet customer needs
  5. Economic slowdown/slow recovery
  6. Business interruption
  7. Cyber-crime/hacking/viruses/malicious codes
  8. Failure to attract or retain top talent
  9. Major project failure
  10. Political risk/uncertainties

The full report can be accessed at


Sign up for CIO Asia eNewsletters.