Gartner Blog Network


Are Companies Really Worried About Digital Risk?

by John A. Wheeler  |  December 23, 2014  |  3 Comments

As the dust begins to settle on the Sony Pictures Entertainment data breach, we continue to see major threats to corporate digital assets become reality. And they are growing in both size and impact on corporations, well beyond customer personally identifiable information (PII). In Sony Pictures’ case, the breach extended to the very digital assets it produces. So, one has to wonder, are other companies really worried about digital risk?

Well, based on some recent survey data, I’d have to say – yes, they are worried. In fact, several weeks ago, I published an analysis of our annual Gartner IT Risk Management Survey and it contains some telling results. It showed that demands from board members and senior executives for IT risk management data increased dramatically in the past year. In 2013, only 46% of survey respondents noted that IT risk management data influenced board level decision making. However, in 2014, that percentage rose to a whopping 70% (see figure below).

gartnerdigitalriskboard

Source: Gartner (October 2014)

Our research is not alone. Boston Consulting Group also reports that 2014 has seen an increase of 126% in cyber attacks reported by companies, an increase of 83% in references to digital asset security in top broker research and an increase of 9% in worldwide spending in IT security.

So, the challenge for companies now is how to equip themselves for future threats and protect their most vital digital assets. That is also what the focus of our risk management research at Gartner is designed to address. In 2015, we will be investigating how companies are evolving their IT risk management programs to better manage these growing digital risks.

To learn more, visit gartner.com or click here to access more of my latest research.

Additional Resources

Category: cyber-security  digital-risk  enterprise-risk-management  grc  information-technology  it-risk-management  operational-risk-management  risk-management  

John A. Wheeler
Global Research Leader - Risk Management Technology
8 years at Gartner
30 years IT Industry

John A. Wheeler is global research leader for risk management technology solutions and professional services. His areas of specialty include integrated risk management, executive leadership and corporate governance. Follow him on Twitter @JohnAWheeler Read Full Bio


Thoughts on Are Companies Really Worried About Digital Risk?


  1. Barry Schrager says:

    It’s good to see the rise in Board and Executive concerns But are they engaging outside experts for real security reviews? That is a crucial first step.

  2. […] Are Companies Really Worried About Digital Risk?“As the dust begins to settle on the Sony Pictures Entertainment data breach, we continue to see major threats to corporate digital assets become reality. And they are growing in both size and impact on corporations, well beyond customer personally identifiable information (PII). In Sony Pictures’ case, the breach extended to the very digital assets it produces. So, one has to wonder, are other companies really worried about digital risk? Well, based on some recent survey data, I’d have to say – yes, they are worried…” Via John Wheeler, Gartner […]

  3. […] come only from the top and there are signs that this is finally happening.  John Wheeler reports that in 2013, only 46% of respondents to the annual Gartner IT Risk Management Survey noted that IT […]



Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.