Cybercrime is a top three concern for CEOs and other board level executives, according to the Lloyd's Risk Index 2013 (opens in new tab), published this week.
The bank asked research firm Ipsos MORI (opens in new tab) to survey 588 respondents about their attitudes to 50 risks across five categories. Of the 50 risks, cybercrime placed third for boardrooms across the world, placing narrowly behind high taxation and loss of customers.
This is a big jump from the last two releases of the biennial report. Cybercrime placed 12th in 2011 and 20th in 2009. "It appears that businesses across the world have encountered a partial reality check about the degree of cyber risk," the report reads.
"One development may be that the perception of what motivates cyber attacks is evolving: from financial crime to political and ideological attacks.
"2012 saw the takedown of the Interpol, CIA and Boeing websites, the suspension of alternative currency Bitcoin's trading floor, the mass theft of passwords from professional networking site LinkedIn, the outage of the websites of six major US banks and many more."
Despite this evidence, the survey highlights a possible complacency with businesses' ability to deal with the risk of cybercrime, which the majority rate at a slightly higher level than the risk itself.
The European Commission is currently considering proposals that will result in sanctions for companies that do not report the loss or theft of personal data stored on the Internet.
The EU's Digital Agenda Commissioner, Neelie Kroes said, "Cyber security is too important to leave to chance, to the goodwill of individual companies."
North American CEOs hold the biggest concern globally about cybercrime, placing the threat second. The cyber issue is seen as less of a problem in Europe, where it placed sixth.
Research published by the Insurance Information Institute in April found that employee negligence is responsible for 39 per cent of data breaches, system glitches for 24 per cent and malicious or criminal attacks for only 37 per cent.
In light of these findings, the Lloyd's report suggests that "spending money upfront on risk management – and ensuring recommendations are implemented throughout a company – might go a long way to preventing a cyber disaster before it starts."