Report

Business confidence among UK CEO’s growing, claims new report

in

BY Fraser Tennant

Business confidence is growing among UK chief executives, despite ongoing geopolitical and macroeconomic challenges, according to a new survey report by EY-Parthenon.

The report, which evaluates chief executives’ capital allocation, investment and transformation strategies, found that 82 percent felt very or somewhat optimistic about the business landscape over the next 12 months, an increase from 67 percent in September 2024.

There is also strong confidence in their companies' performance, notes the report, with 78 percent of chief executives feeling optimistic about revenue growth, 80 percent about profitability and 77 percent about maintaining a competitive position in the next 12 months.

However, despite this optimism, chief executives are cognisant of challenges on the horizon, with 71 percent of survey respondents stating that rapid technological advancements, evolving sustainability agendas and geopolitical tensions will see a shift in compliance being a key strategic factor.

“Our latest ‘CEO Outlook’ reflects a resilient and forward-thinking mindset,” said Silvia Rindone, UK&I managing partner for strategy and transactions at EY. “However, with nearly a quarter citing cost and return on investment as key factors in shaping their digital transformation strategies, it is clear that businesses are seeking a balance between innovation and sustainable growth.”

The EY-Parthenon report also found that UK chief executives plan to undertake transformation initiatives in the next 12 months, prioritising improving customer engagement and retention (45 percent), achieving sustainability targets (43 percent), and optimising operations through digitisation and productivity enhancements (43 percent). “The coming year will be crucial for organisations to refine their transformation approach and unlock long-term value," added Ms Rindone.

Additional findings reveal that the UK remains the top destination for capital investment, with 52 percent of UK chief executives planning to invest domestically over the next year. The US, France, Germany, Canada and Switzerland were all identified as other key investment locations.

Ms Rindone concluded: “With M&A activity set to rebound in 2025, driven by strategic imperatives, digital innovation and a more favourable regulatory climate, business leaders must prioritise diligent, data-driven investment decisions to capitalise on emerging opportunities.”

Report: January 2025 EY-Parthenon CEO Outlook Survey

Global deal volume and values on the rise – report

in

BY Richard Summerfield

Despite several significant headwinds, global M&A deal volume and value continued to rise in Q3 2024, according to S&P Global’s ‘Q3 2024 M&A Equity Offerings Market Report’.

According to the report, stock market volatility led to a fall of nearly 33 percent in the total value of equity issuance, to $65.63bn from second quarter levels and nearly 21 percent from the same period in 2023. But the number of global M&A announcements increased quarter over quarter for the second straight period (though the increase was slight, rising just 0.36 percent) - the first time this has happened since the third and fourth quarters of 2020. Furthermore, the total value of global M&A deals increased 29.1 percent year over year to $708.74bn in the third quarter.

On a year-over-year basis, global M&A announcements increased 7.3 percent, ending a period of 10-straight quarters of declining global announcements. Deal announcement in the Asia-Pacific region were one of the key drivers of Q3 improvements. Across Asia Pacific, the number of transactions increased to 2742, up 16.1 percent from the previous quarter and 17.3 percent from the same period in 2023. Likewise, the total value of the deals announced increased to $165.81bn, almost doubling the previous quarter’s total and a 37.7 percent increase year over year.

Europe produced some year-over-year growth with M&A announcements increasing 7.0 percent to 2846 and the total value increasing 8.8 percent to $130.89bn. But M&A activity in the region fell quarter over quarter, with the number of transactions dropping 6.1 percent and aggregate value 25.8 percent.

Globally, initial public offerings (IPOs) struggled across the first three quarters of the year, driven by economic volatility and the surfeit of elections across Europe. Global IPO activity picked up from the lows in the first half of 2024, but the pace slowed compared to previous years. The value of offerings rose to $23.32bn in the third quarter, an increase of nearly 22 percent from the second quarter of 2024, but was down 32 percent from the third quarter of 2023.

The number of IPO transactions increased worldwide to 326, up from 322 in the second quarter, but down from 387 in the third quarter of 2023. There were 946 transactions across the first three quarters of 2024, down from 1061 in the first nine months of 2023. The Asia-Pacific region did buck this trend to an extent, and India in particular was a relative hotbed of IPO activity, with the number of deals across the country up 32.3 percent year over year to 262 for the first nine months of 2024. Over the same period, the growth in total value has been smaller, however, up 12.7 percent year over year to $7.65bn.

Report: Q3 2024 M&A Equity Offerings Market Report

Cyber insurance is key to a proactive cyber security strategy

in

BY Richard Summerfield

Cyber insurance should form the backbone of a cyber security strategy, according to a new report from At-Bay.

According to the report, which surveyed security decision makers in the US, Canada and Europe, Middle East, and Africa (EMEA), cyber insurance is now seen as a best practice by many businesses, with 72 percent of respondents considering it ‘critical’ or ‘important’ to their organisation.

Furthermore, 43 percent of respondents noted that cyber insurance requirements are a significant driver of their cyber security spending. This figure rises to 52 percent among the largest organisations.

“We believe an important finding from this report is that there’s a large number of organizations that should consider partnering with a cyber insurance provider to help drive cybersecurity maturity,” said Andrew Braunber, an analyst at Omdia. “There can be upside for enterprises in aligning proactive cybersecurity spending with cyber insurance requirements, with an even more powerful emerging option to partner with an InsurSec provider to optimize risk reduction and technology performance. These relatively new entities combine cybersecurity products and services with insurance offerings to offer a wider scope of prevention and protection.”

There has been significant growth in the number of businesses of all sizes when it comes to prioritising proactive security solutions that help identify and mitigate potential threats. Over the last 12 months, more than 70 percent of respondents increased their spending on proactive security solutions.

Yet, despite the increase in the use of cyber insurance and its burgeoning impact on security decisions, only 13 percent of respondents said they were working ‘proactively’ with their cyber insurance provider to reduce cyber risk. By contrast, 33 percent of respondents said they were taking preventive measures with support from their cyber insurer.

Worryingly, proactive collaboration is even lower in critical infrastructure sectors, where cyber risks could have broader societal impacts. For example, only 4 percent of manufacturing companies, 7 percent of energy, utility and transportation companies, and 8 percent of healthcare companies reported proactive engagement with their cyber insurance providers.

“Cyber insurance has emerged as a critical pillar to building a proactive cybersecurity strategy as it enables companies to complete their risk mitigation,” said Thom Dekens, chief business officer at At-Bay and general manager of At-Bay Security. “Additionally, insurance providers with significant in-house cybersecurity expertise can provide huge business value to their customers, closely partnering with them to make informed decisions about their technology strategies and also improve their risk outcomes throughout the policy year.”

Report: InsurSec Can Drive An Effective Proactive Security Strategy

Data breaches cost FS $6.08m in 2024, reveals new report

in

BY Fraser Tennant

The global average cost of a data breach in the financial services (FS) sector was $6.08m in 2024, further expanding demands on firms’ cyber teams, according to a new report by IBM and the Ponemon Institute.

In its ‘Cost of a Data Breach Report 2024’ IBM reveals that the FS sector was the second highest of the 17 industries examined in the report – 22 percent higher than the cross-industry average cost of $4.88m.

The top three initial attack vectors affecting banks, insurers and other financial institutions were phishing, compromised credentials and cloud misconfigurations. Only 28 percent of FS firms employed extensive use of security artificial intelligence and automation last year, but those that did saw average cost savings of $1.9m per incident over institutions that did not.

According to the report, attacks on FS institutions typically took 168 days to identify and 51 days to contain – faster than the cross-industry average of 194 days and 64 days respectively.

Additional cross-industry findings in the 2024 IBM report include: (i) more organisations faced severe staffing shortages in 2024 compared to the prior year; (ii) 44 percent of breaches involved data stored across multiple environments including public cloud, private cloud and on-prem; and (iii) organisations would increase the cost of goods or services because of a breach – a slight increase from last year and the third consecutive year that the majority of businesses would push breach costs to consumers.

“Businesses are caught in a continuous cycle of breaches, containment and fallout response,” said Kevin Skapinetz, vice president of strategy and product design at IBM Security. “This cycle now often includes investments in strengthening security defenses and passing breach expenses on to consumers – making security the new cost of doing business.

“As generative AI (GenAI) rapidly permeates businesses, expanding the attack surface, these expenses will soon become unsustainable, compelling business to reassess security measures and response strategies. To get ahead, businesses should invest in new AI-driven defences and develop the skills needed to address the emerging risks and opportunities presented by GenAI.”

The report is based on an in-depth analysis of real-world data breaches experienced by 604 organisations globally between March 2023 and February 2024. The research, conducted by Ponemon Institute, and sponsored and analysed by IBM, has been published for 19 consecutive years.

Report: Cost of a Data Breach Report 2024

Cloud services a top target – report

in

BY Richard Summerfield

Cloud services, infrastructure and applications are the primary subjects of cyber attacks, according to the 2024 Thales Cloud Security Study.

The report, which surveyed nearly 3000 IT and security professionals across 18 countries in 37 industries, found that cloud security spending now tops all other security spending categories. This is particularly concerning given that 47 percent of all corporate data stored in the cloud is sensitive. Of those companies surveyed, 44 percent have experienced a cloud data breach - 14 percent in the past year.

According to the report, nearly half of organisations believe it is more difficult to manage compliance and privacy in the cloud compared to on-premises. Thirty-one percent recognise the importance of digital sovereignty initiatives as a means of futureproofing their cloud environments.

“The scalability and flexibility that the cloud offers is highly compelling for organizations, so it’s no surprise it is central to their security strategies,” said Sebastien Cano, a senior vice president at Thales. “However, as the cloud attack surface expands, organizations must get a firm grasp on the data they have stored in the cloud, the keys they’re using to encrypt it, and the ability to have complete visibility into who is accessing the data and how it being used. It is vital to solve these challenges now, especially as data sovereignty and privacy have emerged as top concerns in this year’s research.”

The report also noted that among the targeted cloud resources, 31 percent are software as a service (SaaS) applications, 30 percent are cloud storage and 26 percent are cloud management infrastructure.

Human error and misconfigurations occurred in 31 percent of breaches, making this the top root cause. That figure was significantly lower compared to last year’s report, where 55 percent of cloud incidents were caused by human error. Exploitation of known vulnerabilities was the next highest root cause of cloud breaches, accounting for 28 percent, up seven percent compared to Thales’ 2023 report. Exploitation of previously unknown vulnerabilities and zero days accounted for 24 percent of breaches. Failure to use multi-factor authentication (MFA) was another significant cause of cloud breaches, identified in 17 percent of cases.

External attackers, including cyber criminals, hacktivists and nation-state actors, as well as malicious insiders, are also the driving force behind many cloud security breaches.

Sixty-five percent of respondents identified cloud security as a current concern, and cloud security was the top category of security spending, reported by 33 percent of all respondents.

Report: Thales 2024 Cloud Security Study

©2001-2025 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.