Cyber-security high priority on the agenda of Swiss boards
Zurich, 26 August 2017
- Optimising processes is still the top priority for the board members of Swiss companies, according to the latest swissVR Monitor, a survey conducted every six months by swissVR in collaboration with Deloitte and the Lucerne University of Applied Sciences and Arts. Boards are though giving more and more attention to digitalisation and talent topics.
- According to 78% of the surveyed Board members, cyber-security issues have recently become more important to their businesses. Even so, only one-third of companies have already implemented a cyber-security strategy. Another one-third are working on one. SMEs have rather more work to do to catch up than have large companies.
- Half the participants see room for improvement in the internal organisation of their boards of directors. The overwhelming majority of Swiss company directors, though, are satisfied with the efficiency and effectiveness with which their boards work.
- 60% expect to see positive trend in business at their company next year.
A total of 464 members of boards of directors took part in the survey. They take a more positive view of their companies' prospects for the next year, as also of the prospects for their industry and the economy overall over the same period, than they did six months ago. They are most optimistic about the business prospects for their own companies: 60% expect a positive trend, while 34% are neutral and 6% take a negative view. Board members of companies in the information and communications technology, chemicals and manufacturing sectors are the most optimistic (69% positive in each case), while positive views from the financial services (52% positive) and trade and consumer goods (48% positive) industries are below the overall average.
What are boards' top strategy issues?
Boards still attach most importance to enhancing efficiency and optimising processes (41%). Digitalisation, robotics and automation (33%, now in 2nd place) as well as talent (25%, was in 11th, now in 7th) are seen as more vital than they were six months ago.
Prof. Dr. Dr. Christian Wunderlin, Chairman of swissVR, noted, "Where successfully competing in a global environment and coping with the current currency situation are concerned, increasing efficiency is still the number one topic.”
“Digitalisation has gone up the chart in boards' priority lists. Also because it plays an increasingly important part in how companies can optimise their processes, the number one priority of boards at the moment. There's another side to this trend, though, namely vulnerability to cyber-crime. Businesses have had to learn this the hard way by being on the receiving end of cyber-attacks, of which Wanna Cry and Not Petya are just two examples out of many. as this survey shows, cyber-security is an issue that's very much on Swiss boards’ minds."
Increasing importance of cyber-security – but minority of companies have cyber-strategies
There has recently been a great increase in the incidence of cyber-attacks aimed at companies and organisations. It's not surprising, then, that cyber-security issues are on the top of the agenda for boards of directors: 78% of the participants think cyber-security issues have become more important (56%) or much more important (22%) over the last three years. This view is much more prevalent among board members of large companies (90%) than among those of small or medium-sized ones (73% and 75% respectively).
According to 69% of the survey participants, cyber-security topics had been discussed by their board of directors during the past year; 30% said they hadn't been, while 1% didn't know. There are marked differences depending on the size of the company: boards in which cyber-security issues were not discussed during the past year are more likely to be those of small or medium-sized enterprises (35% each) than of large companies (16%).
35% said their company had a clearly-defined cyber-security strategy. Another third (33%) of the participants said such a strategy was being developed, and a significant number (28%) said their company had no such strategy. Far more small and medium-sized enterprises (33% and 34% respectively) than large companies (no more than 12%) had not as yet adopted a cyber-security strategy. A similar picture emerges when participants are asked about the existence of a definite cyber-security action plan.
As the main reasons for the absence of a working action plan, they cite the low priority given to cyber-security in general (38% of participants) and cyber-security being part of their company's general risk plan (37%).
As Reto Savoia, Deputy CEO of Deloitte Switzerland, puts it: "Cyber-security is a very important topic and has to be looked at in strategic terms. Given the advances in digitalisation and the increase in the number of cyber-risks, though, businesses – SMEs in particular – really do need to have a definite strategy and a plan of action. Most large firms have realised this, but all companies have to be aware and prepared.”
Organisation at board level
Almost half the surveyed boards have between four and six members. The size of boards in Switzerland depends on the size of the company, as is the way boards are broken down into various committees (e.g. remuneration and audit committees).
A large majority of participants (36%: true, 51%: partly true) sees the tasks within their board as being optimally shared among members in terms of their competence, experience and personality.
A similar result came about when questioned if the influence and functions are shared among board members in a balanced way. 24% think this is true, 50% see it as partly true, and 26% take the opposite view. More divisive is the question as to whether the chairman dominates the board: 41% of the participants agreed with this statement – 13% entirely and 28% in part.
In addition, a large majority (90%) of the participants regard the work of boards of directors (in terms of time spent and adequate effect) as being organised wholly or largely efficiently and effectively.
Prof. Dr. Christoph Lengwiler, Head of the Institute for Financial Services Zug (IFZ) and Vice-President of swissVR sums it up, "The findings from the survey are that a large majority of Swiss company directors are satisfied with the efficiency and effectiveness with which their boards work. Two-thirds of the participants in the survey report that the way their board works is subject to regular discussion. However, half the participants see room for improvement in their board's internal organisation. It's evident that some critical thinking is being done about the way in which boards operate."
About the report
The half-yearly survey swissVR Monitor aims at gauging board members’ attributed to the outlook for business, strategies and structural themes. This issue also specifically focuses on the topic of cyber-security. The survey was conducted by swissVR in collaboration with Deloitte and the Lucerne University of Applied Sciences and Arts between 15 May and 16 June 2017. A total of 464 board members took part, representing listed companies as well as small and medium-sized companies (SMEs) from every major sector of the Swiss economy.
swissVR is an association for members of Board of Directors from Swiss companies. swissVR is committed to the professionalism, quality and the perception of the interests of boards. The association’s 650 members represent board mandates in various sectors and regions as well as in SMEs and listed companies. This broad coverage of various sectors, regions and company sizes allows for a varied know-how sharing. swissVR also offers a diverse range of events on a variety of topics currently facing boards, as well as specific training courses cooperation with educational partners.