CohnReznick and Nexia International Unveil Results of Global Cybersecurity Survey

    This year, CohnReznick LLP, one of the nation’s leading accounting, tax, and advisory firms, conducted a global survey with Nexia International to assess the current state of cyber preparedness. More than 350 companies from around the world provided insight on how their organizations view cyber risk and their processes in place to mitigate a breach.

    Our analysis of survey responses points to a significant need for middle-market organizations around the world to improve their overall understanding of the cybersecurity risk landscape.  Moreover, there is still considerable education and investment required to not only reduce the overall exposure to cyber attacks, but also to improve organizational preparedness and responsiveness across most industries and geographies.  The following summarizes our key observations:

    • Only 39% of respondents consider cybersecurity a top concern
    • 46% of respondents across the Americas do not have a formal cybersecurity program
    • 50% of respondents indicated that hacktivists, organized crime, and employees – both current and former – are the sources of greatest cyber risk
    • 20% of respondents have not conducted a cybersecurity assessment, and only 25% of respondents provide cybersecurity training to employees at least annually
    • 20% of respondents who are required to have a cybersecurity program based on governmental, industry or customer regulations do not currently have a cybersecurity program
    • Limited time and budget along with a lack of qualified staff were the key reasons cited for not having an effective cybersecurity program
    • More organizations that have a cybersecurity program reported experiencing a breach than those who do not have a formal cybersecurity program
    • The majority of the respondents indicated underinvestment in advanced cybersecurity initiatives such as a robust security incident response plan to identify, detect, and handle security incidents including data breaches

    Cybersecurity Survey Results 

    The above, taken with the rest of the survey data and responses, highlights an overall lack of intensity and awareness of the need for a comprehensive cybersecurity program.  And if the rising cyber threats and increasing fines are not enough for companies to rethink their cyber programs, there are ample new regulations that may provide the needed impetus. 

    Subject matter expertise

    • Bhavesh Vadhani
      Contact Bhavesh Bhavesh+Vadhani
      Bhavesh Vadhani

      CISA, CRISC, CGEIT, PMP, CDPSE, Principal, Global Leader, Cybersecurity, Technology Risk, and Privacy

    • Close


      Let’s start a conversation about your company’s strategic goals and vision for the future.

      Please fill all required fields*

      Please verify your information and check to see if all require fields have been filled in.

      Please select job function
      Please select job level
      Please select country
      Please select state
      Please select industry
      Please select topic
    This has been prepared for information purposes and general guidance only and does not constitute legal or professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is made as to the accuracy or completeness of the information contained in this publication, and CohnReznick LLP, its partners, employees and agents accept no liability, and disclaim all responsibility, for the consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.