WASHINGTON--(BUSINESS WIRE)--Seventy-five percent of compliance officers are not involved in managing cyber security risk according to a new report from Kroll and Compliance Week. In a survey of senior-level compliance professionals, nearly 44 percent of respondents also said the chief compliance officer (CCO) is only responsible for privacy compliance and breach disclosure after an incident, but has no role in addressing cyber security risks before one.
These statistics draw attention to a gap in responsibilities as cyber security lapses can often involve hefty penalties or sanctions, civil litigation and compliance issues. As the CCO role evolves, the need for influence in managing cyber security risk will increase. Alan Brill, senior managing director for Kroll, says compliance officers should have a strong enough grasp of cyber security to know when they should be involved in a problem—and, he stresses, other parts of the corporate enterprise need to recognize that compliance has a role to play from the beginning.
“Every compliance officer needs to decide whether it’s time for them to be Captain Kirk and boldly go into cyber,” says Brill, “and to do it by forging a partnership with the IT director, with the general counsel, with the internal auditor—so that the cyber elements of compliance are just the everyday part of your work.”
The 2014 Anti-Bribery and Corruption Benchmarking Report also includes these findings:
- More than 50 percent of compliance professionals anticipate the bribery and corruption risks to their company will increase this year
- 58 percent never train third parties
- Only 43 percent monitor compliance after a third-party relationship begins
- Only 48 percent automate their anti-corruption program in some way
To obtain a copy of the report from Kroll and Compliance Week or to speak with a Kroll representative, please contact:
Cathy Johnson
Kroll
+1 347.963.7509
cathy.johnson@kroll.com
About Kroll
Kroll is the leading global provider of risk solutions. For over 40 years, Kroll has helped clients make confident risk management decisions about people, assets, operations, and security through a wide range of investigations, due diligence and compliance, cyber security, physical and operational security, and data and information management services. Headquartered in New York with more than 55 offices across 26 countries, Kroll has a multidisciplinary team of nearly 2,300 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies, and individuals.
About Compliance Week
Compliance Week, published by Wilmington Group plc, is an information service on corporate governance, risk, and compliance that features a weekly electronic newsletter, a monthly print magazine, proprietary databases, industry-leading events, and a variety of interactive features and forums. It reaches more than 26,000 financial, legal, audit, risk, and compliance executives, and is based in Boston, Mass.