UK boards are worried about cyber-risks – so what can IROs do?

It’s probably not surprising to hear that boards around the world – and particularly in the UK – remain laser-focused on the looming threat of cyber-risks.

That’s according to data collected by the Chartered Governance Institute UK & Ireland for its annual Boardroom Bellwether report, which surveyed FTSE 350 company boards on what they were most concerned about in 2024. Almost three quarters (74 percent) of executives polled say they expect the risks posed by cyber-related issues – including AI, hackers and data breaches – to grow over the next year.

For IROs, it reiterates the importance of being aware of your organization’s vulnerabilities and overall risk profile so you can keep investors better informed. But it also highlights something we’ve been looking at over the past few weeks at IR Magazine: the importance of being well prepared for a crisis.

Indeed, the Chartered Governance Institute also finds that four in five firms are increasing their spending on cyber-risk mitigation in a bid to combat the threat, while 79 percent say their directors are facing increased risk and liability themselves.

Interestingly, the specter of cyber-risk looms far larger than other risks, which only 59 percent of those surveyed say they expect to grow over the next year. Reputation is ranked next as a very important driver of risk by 50 percent, though 88 percent do consider this a risk factor in itself.

Meanwhile, as the global economic picture still ranks highly in terms of a recognizable driver of risk, only 14 percent of companies expect UK economic conditions to worsen over the next 12 months, while 22 percent expect the state of the world economy to deteriorate in the same timeframe.

Being clued up on those risks is an obvious first port of call. As we’ve heard throughout the month, however, as we speak to leading IROs about the topic of crisis communications, being confident about your grasp of the situation and the steps you are going to take is often the most decisive factor in successfully navigating tricky times.

Gregg Lampf, vice president of IR at communications equipment firm Ciena, says exactly this. Recalling a previous experience with a different company, he notes that he was particularly exposed when talking to investors because he didn’t have the ‘stature’ to do some of the internal delving required to understand the situation.

‘You’re in that IR role for a reason, and you have to make sure you’re informed at all times as best you can be, whether about bad things or good,’ he tells us in this piece detailing the biggest mistakes IR teams can make in a crisis.

It’s a lesson worth remembering when times are easy – after all, it’s a lot easier to make clear-eyed plans for the future when you’re not actually in the throes of a crisis.

What are the most significant risks ahead of your company as we head into 2025? And how are you preparing to handle them? Let us know, either on LinkedIn or via email at [email protected].