Companies view cybersecurity and data privacy as top people-related risk

Companies in Asia view cybersecurity and data privacy as top people-related risk: Mercer Marsh
Benefits study

According to a new report by Mercer Marsh Benefits (MMB), cybersecurity and data privacy is now ranked as the top people-related risk by companies in Asia, followed by the risk of pandemics and other communicable diseases, and administration and fiduciary risks.

MMB’s report, People Risk: Resetting priorities to manage risks for workforce and business resilience, surveyed over 2,500 human resources and risk professionals in 25 countries globally and includes data from over 600 respondents from Asia. As well as analyzing the top 25 people risks, the report identifies the main barriers these organizations face in addressing these threats.

According to the research, only 48% of respondents in Asia believe that their organization has effective cybersecurity policies, controls and systems in place such as multi-factor authentication and data encryption. Nearly half (45%) of respondents cited the ‘lack of skilled resources to understand and address risks’ as the main barrier to managing cyber risks. Further, while 76% of respondents in Asia stated that their organization is addressing HR technology obsolescence, fewer than half (45%) believe that they have suitable processes in place to manage digital-first benefits administration and talent management.

As parts of Asia continue to follow strict COVID-19 measures, respondents in the region still view pandemics as a top risk. Despite this, only 47% of respondents stated that they have effective policies and support systems in place to enable remote, hybrid or other flexible ways of working and support a culture of employee health, wellbeing and safety (46%).

Rising costs amid economic uncertainty – along with greater scrutiny on governance of total rewards – have also brought administration and fiduciary risk to the fore as a top risk this year. While wage inflation and rising healthcare costs continue to put pressure on budgets, only 45% of companies in Asia believe they have an effective, articulated cost containment strategy in place for the next three years.

Joan Collar, Asia and Pacific Regional Leader, Mercer Marsh Benefits, said: “As the pandemic continues to accelerate digitalization, it is no surprise that cyber risks are considered as the top people-related risk in Asia. 95% of cybersecurity issues are due to human error, so reskilling and upskilling needs to be prioritized to ensure employees are keeping up with the technological development and changing world of work. A large part of human error can be attributed to employee burnout and fatigue due to ongoing pressure and anxiety caused by the pandemic, as well as antiquated systems and lack of proper cyber training.”

The report also notes how the focus on immediate threats may have come at the expense of support for employees. Despite 89% of respondents in Asia flagging health and safety of employees as a serious threat, risks such as diversity, equity and inclusion (DE&I) (ranked 17th), mental health (ranked 20th), workforce exhaustion (ranked 23rd) and work-related illness and injury (ranked 25th) have been deprioritized. Only one in two companies plan to invest in mitigating these risks in the next 12 to 24 months.

Also, less than half (42%) have effective, transparent and measurable plans in place to advance DE&I and only 48% have effective training, communication and engagement strategies around the company’s purpose, culture, values and ethics.

“Companies need to adopt a more holistic approach to develop and engage their workforce and be very mindful of blind spots on the horizon, particularly around DE&I and ethics which are key to attracting and retaining the right people. Talent and benefit practices should also to be aligned with the values of the organization, and include a clear position on important issues such as climate change policy, diversity, equity and inclusion and equitable access to benefits,” Ms. Collar added.