Concerns over regulatory risk have moved up the ranks to third place, according to the broker and law firm’s latest survey

Cyber attack and data loss remain the top two most concerning risks for directors and officers (D&O) for the second year running, according to the latest D&O Liability Survey 2022, published today (21 April 2022) by Willis Towers Watson (WTW) in partnership with Clyde and Co.

Exactly 47% of respondents reported that a cyber attack was of very significant or extremely significant risk to their organisation, whether financially or reputationally. Data loss sat at 43%.

This year’s survey included 437 global respondents, alongside 47 contributors who helped to write it.

Regulatory risk, including threat of fines, penalties and risk of health and safety/environmental prosecutions, meanwhile, replaced cyber extortion (36%) in third place at 40%.

Rankings were determined by the proportion of survey respondents who branded a risk category either very significant or extremely significant.

Globally, cyber extortion ranked as the third top risk (59%), behind cyber attack (65%) and data loss (63%).

Two common types of cyber extortion are ransomware and distributed denial of service attacks (DDoS).

Climate change fell to rank six in the UK with 24% of respondents branding it a significant risk – down from 39.74% in 2021.


Interconnected risks

Jeremy Wall, head of global financial, executive and professional risks (Finex) at WTW, said that “this year marks a sea-change in the global scope of our survey, with responses from more countries than ever before”.

James Cooper, head of the financial institutions and D&O team at Clyde and Co, added: “What emerges in this report is a complex network of globally interconnected and evolving risks that leaders should not consider in isolation.

“While it is no surprise that cyber attacks and data loss lead the risk ranking once again, the emergence of cyber extortion as a perceived threat adds a further level of pressure on leaders to implement adequate cybersecurity controls and to react efficiently and effectively in the face of an attack.”

The survey follows WTW and Clyde and Co’s D&O Liability Survey 2021, published in April last year, which included findings from over 250 respondents worldwide.