Excerpt from ICAEW Article, Published on September 2025
Cyber security and data security remain the most critical threats facing organizations in 2026, confirmed by a survey of nearly 900 Chief Internal Auditors across the UK and Europe conducted by the Chartered Institute of Internal Auditors (Chartered IIA). More than 80% of these experts identified cyber risks as their top priority, indicating the scale and severity of the current threat landscape.
The recent wave of sophisticated cyber attacks, including high-profile incidents at Heathrow Airport, M&S, and Jaguar Land Rover, underscores the urgent need for businesses to strengthen their cyber resilience. These incidents have not only disrupted operations but also caused significant financial losses. Increasingly, attackers are leveraging advanced artificial intelligence (AI) to enhance the scale and sophistication of their attacks, compounding the challenge for organizations to defend their critical infrastructure.
The role of internal audit teams is pivotal in this environment. These experts provide independent assurance that cyber controls and risk management measures are robust and effective. The Chartered IIA strongly recommends that boards and senior leadership engage internal auditors to rigorously evaluate cyber threat defenses and recommend necessary improvements. Their deep expertise helps organizations stay ahead of evolving threats and protect their operational continuity.
Moreover, experts stress that cyber security and data security are not just IT concerns but enterprise-wide risks that permeate supply chains, regulatory compliance, and human factors like cyber hygiene and employee awareness. Organizations must invest in ongoing staff training and cultivate a culture of security vigilance across all levels.
As geopolitical tensions rise, hostile state actors continue to pose an enduring threat to critical infrastructure, making cyber resilience an essential strategic priority for businesses in 2026 and beyond.
To delve deeper into this topic, read the ICAEW Article.
