top of page

News & Views

NTT Security Risk:Value 2019 report

UK organisations are failing to make progress towards strong cybersecurity and are facing paralysis as cybercriminals become more advanced. This is the conclusion drawn from the findings of the 2019 Risk:Value report – 'Destination standstill. Are you asleep at the wheel?’ – from NTT Security (, the specialised security company and centre of excellence in security for NTT Group.

Examining the attitudes of 2,256 non-IT decision makers to risk and the value of security to the business, NTT Security’s annual Risk:Value report researches C-level executives and other senior decision makers across 20 countries in the Americas, Asia Pacific and Europe, including the UK, and from across multiple industry sectors.

UK respondents are aware of the risks posed by cyber threats, with over half (54%) ranking cyber attacks on their organization as one of the top three issues that could affect businesses in the next 12 months – second only to ‘economic or financial crisis’ (56%).  While global organizations rank ‘loss of company data’ in third place, in the UK, 44% believe that cyber attacks on critical infrastructure is a far greater threat.  Of the most vulnerable components of critical national infrastructure, telecoms, energy and electricity networks take first, second and third place.

Almost 90% respondents in the UK believe that strong cybersecurity is important to their business over the next 12 months, compared to 78% who say the same about ‘growing revenue and profit’, while 93% believe cybersecurity has a big role to play in society.

Businesses in India, a new country to the research, are now the best performing in the world for cybersecurity, ahead of the UK. The performance of organisations in France, Germany and Singapore has worsened in the last year, as has the performance of the financial services, telecommunications, chemicals, pharmaceuticals, oil and gas and private healthcare sectors, placing doubt on the robustness of critical national infrastructure.

Commenting on the 2019 findings, Azeem Aleem, VP Consulting, NTT Security, commented: “The Risk:Value report is an interesting barometer based on responses from those sitting outside of the IT function – and is often very revealing.  What’s concerning is that organizations seem to have come to a standstill in their journey to cybersecurity best practice – and it’s particularly worrying to see UK businesses falling behind in some critical areas like incident response planning.  


"While awareness of cyber risks is high, organizations still lack the ability, or perhaps the will, to manage them effectively.  The execution of cybersecurity strategies must improve or business risk will escalate for the organisations concerned.”


bottom of page