Massive cybersecurity breaches have become almost commonplace, regularly grabbing headlines that alarm consumers and leaders. But for all the attention such incidents have attracted in recent years, many organisations worldwide still struggle to comprehend and manage emerging cyber risks in an increasingly complex digital society.
PwC has launched its 2018 Global State of Information Security® Survey (GSISS), based on responses of more than 9,500 senior business and technology executives from 122 countries.
Executives worldwide acknowledge the increasingly high stakes of cyber insecurity. Of survey respondents, 40% cite the disruption of operations as the biggest consequence of a cyberattack, 39% cite the compromise of sensitive data, 32% cite harm to product quality, and 22% cite harm to human life.
Yet despite this awareness, many companies at risk of cyberattacks remain unprepared to deal with them – 44% say they do not have an overall information security strategy; 48% say they do not have an employee security awareness training programme; and 54% say they do not have an incident-response process.
In May 2017, G-7 leaders pledged to work together and with other partners to tackle cyberattacks and mitigate their impact on critical infrastructure and society. Two months later, G-20 leaders reiterated the need for cybersecurity and trust in digital technologies. The task ahead is huge.
Next steps for business leaders
What can business leaders do to prepare effectively for cyberattacks? PwC recommends three key areas of focus:
C-suites must lead the charge and boards must be engaged: Senior leaders driving the business must take ownership of building cyber resilience. Setting a top-down strategy to manage cyber and privacy risks across the enterprise is essential.
Pursue resilience as a path to rewards—not merely to avoid risk: Achieving greater risk resilience is a pathway to stronger, long-term economic performance.
Purposefully collaborate and leverage lessons learned: Industry and government leaders must work across organisational, sectoral and national borders to identify, map, and test cyber-dependency and interconnectivity risks as well as surge resilience and risk-management.
The findings from the survey will be presented at the upcoming Isle of Man Cybercrime Forum on 6 December 2017 at the Villa Marina, for which PwC Isle of Man is a gold sponsor. The event will raise awareness of the current cybercrime risks within the industry.
‘Few business issues permeate almost every aspect of business and commerce like cybersecurity does today,’ said Steve Billinghurst, Cybersecurity Leader at PwC Isle of Man.
‘Many organisations worldwide still struggle to comprehend and manage emerging cyber risks in an increasingly complex digital society, and the Isle of Man is no exception. Recent events have shown that cybersecurity shocks are felt throughout a closely connected economy such as ours and leadership commitment at both government and board level, resilience and collaboration are critical to successfully weathering the resulting storms. I will be presenting on the findings of this latest study putting forward some ideas on how business leaders can be better prepared.’
Photo - Steve Billinghurst.