Cybersecurity – Plugging the hole through testing, policies and training

Oct 2023

The Institute, in collaboration with PricewaterhouseCoopers Limited (PwC), has issued a research report on 'Cybersecurity: Plugging the Hole’ (with Five Imperatives)' based on a survey with more than 1,400 respondents. Critical issues revealed by the survey included: 

the board's insufficient involvement in cybersecurity governance (66% have little or moderate involvement)
the absence of specialised oversight (20% have cybersecurity committees)
directors' inadequate cybersecurity training (57% have only received sporadic training), and
only 20% of organisations have cyber insurance, and many were unsure of its coverage.

The paper suggests five imperatives to fill these gaps:

making cybersecurity testing a top priority
developing and maintaining up-to-date security policies while incorporating security into software development
putting IAM policies into practice
monitoring relevant third-party cybersecurity risks, and
investing in awareness training.

The Institute's president, Mr Ernest Lee FCG HKFCG(PE), emphasised the significance of these imperatives as crucial governance approaches to reducing cyber risks. 

To view the report, please click HERE.

Got Questions?

Please contact the Technical & Research Section: 2881 6177 or email:

Learn more about Thought Leadership

Scroll To Top