Amid the acceleration of digital transformation, 69 per cent of global leaders surveyed noted a significant increase in cyberattacks at their companies this year. However, despite the elevated risk environment, leaders plan to continue to invest heavily in digital transformation—with 94 per cent of chief financial officer (CFO) respondents looking to move their financial systems or ERP to the cloud. That’s according to a new Deloitte Global survey, which reveals that while there is no simple solution, there are a number of measures, which, when taken together, can enable organisations to embed cyber in every aspect of their business.
Deloitte Global’s 2021 Future of Cyber Survey analyses responses from nearly 600 global C-level executives who have visibility into the cybersecurity functions of their organisations, with the hope of increasing communication around embedding cyber into the core of every business, while providing insights on how organisations can increase visibility into complex technological ecosystems and implement best practices to better prepare for an unpredictable cyber future.
“Over the last year, businesses have been working overtime to remain competitive amid rapid technological change as accelerated digital transformation has drastically increased organisations’ vulnerability to cyberattacks. As the complexities of integrated environments continue to grow, leaders must prioritiSe incorporating cyber into every part of their business or risk the consequences of inadequate cyber protections,” says Emily Mossburg, Deloitte Global Cyber Leader.
“The report beholds the unraveling of a hyper-connected world, where digital transformation has become a business reality, and so are the risks associated. 41 per cent of respondents indicate transformation and hybrid IT as the most challenging aspect of cyber security management. A cyber conversant Board, an empowered CISO, a ZERO trust mindset, and data responsibility can truly pave way for better risk mitigation, business resilience, and creating customer trust,” said Gaurav Shukla, Partner, Deloitte India.
With more than half of businesses experiencing an increase in threats to their organisations throughout 2020, the risks have never been higher as the shift to remote and hybrid working becomes more common for businesses worldwide. Organisations are continuing to face challenges balancing investments in digital transformations to remain competitive while protecting their systems from potential breaches. A clear plurality of the chief information officers (CIOs) and chief information security officers (CISOs) surveyed (41 per cent) acknowledge that transformation and gaining visibility across increasingly complex hybrid ecosystems is the greatest challenge they face.
In building a technology-forward, protected enterprise, Deloitte Global’s survey suggests the areas causing CIOs and CISOs the most significant challenge in managing cyber risk are transformation/hybrid IT (41 per cent) and cyber hygiene (26 per cent). As a result, companies are leveraging Zero Trust—a set of architectural guidelines that are based on the fundamental principle of “never trust, always verify”—to bridge the gap between business, IT and cyber domains reducing operational complexity and simplifying ecosystem integration. Businesses that leverage Zero Trust are leading the way in organisational change to better enable digital transformation by building security infrastructures to handle the speed of these transformations.
With hackers becoming savvier, organisations are more inclined to increase their cyber defense budgets. Among the survey respondents, almost 75 per cent of leaders with more than US$30 billion in revenue reported they will spend more than US$ 100 million on cybersecurity protections this year. While these investments are being relatively evenly spread to broadly mitigate risk, we learned that greater attention is being given to threat intelligence, detection and monitoring; cyber transformation; and data security.
The convergence of technological prowess and increased cyber risk are changing the roles of today’s CISOs. As technology integrates further into daily business initiatives, so should the CISO’s responsibilities. According to our survey, there has been an increase of CISOs reporting to CEOs, going from 32 per cent in 2019 to 42 per cent in 2021 in the United States, and reaching 33 per cent globally. This alignment allows for greater transparency on business initiatives and enhanced engagement at most levels – most importantly with C-suite executives like CFOs and chief marketing officers (CMOs) whose relationships with the CISO are critical in mitigating risk and creating authentic, safe customer experiences.
Over the next three years, CIOs and CISOs will continue to prioritise cyber. Respondents ranked security capabilities (64 per cent), enhancing privacy capabilities (59 per cent), demonstrating compliance capabilities (50 per cent), and improving business efficiency and intelligence (45 per cent) as the drivers for their adoption of emerging technologies.
“Despite the challenges ahead, one thing is for certain: basic, hygienic cybersecurity systems are fundamental in protecting organisations from the rapidly increasing potential for ransomware attacks,” says Donna Glass, Deloitte Global Risk Advisory Leader. “Businesses that make strategic organisational, cultural, and operational changes within their organisation will find success in embedding cyber into the core of their business, ultimately building future resilience,” added Glass.