- You'll be able to reset your Instagram algorithm soon - here's how
- Buy or gift a Babbel subscription for 74% off to learn a new language
- Apple Issues Emergency Security Update for Actively Exploited Flaws
- La alta directiva bloquea el valor de los datos en sus empresas
- AI transformation is the new digital transformation. Here's why that change matters
We’re All in this Together: Thoughts on the PwC 2023 Global Digital Trust Insights Report
What do you need to know from PwC’s 2023 Global Digital Trust Insights report? The short answer: Teamwork. If you don’t have a lot of time today, just remember that. Based on the recommendations in this report, if you want your business to make progress in cybersecurity, C-suite executives need to come together and unitedly work towards a more secure future.
Who was included in this Survey?
The data in this survey comes from 3,522 business, technology, and security executives from around the world. Some of the questions were asked to all participants, and others were specific to certain types of executives.
What progress has been made?
The PwC survey asked executives if they had seen improvement in ten different facets of cybersecurity. In each category, at least 70% of those surveyed said that they had in fact seen improvements. More than a quarter of respondents indicated that they had improved in all ten areas. Here is a sample:
- 79% improved OT security
- 77% improved defense against ransomware
- 75% collaborated on “security and privacy” products within the business
There seems to be a general feeling of confidence in CISOs and the security and privacy programs set up by organizations, as many of the respondents indicated that CISOs were performing exceptionally in several different areas, and strongly agreed with positive statements relating to programs.
What are the challenges?
However, the picture painted by this data isn’t all sunshine and roses. Executives were asked about the level at which they felt 10 different cybersecurity risks were being addressed. For each risk, less than 40% of those surveyed indicated that they were fully mitigated. In regards to potential sources of cyber threats, cybercriminals, malicious hackers, and inside threats were the ones that executives expected to have the most impact. In terms of how the bad guys will get to their data, executives rated mobile devices, email and cloud based pathways as being the most expected routes. PwC’s survey also identified new challenges businesses face this year including concerns about making disclosures in the case of a breach, the economy, and the privacy of consumer data.
We can all do a little better
The data in this report highlighted several areas of improvement for different executives. For instance, Board members were asked how effective they felt their governance was across six different aspects of cybersecurity. Only 9% indicated that their governance was very effective in all six categories.
This survey found that CROs and COOs can take a more integrated approach to handling risk.
The privacy of customer data is another area for growth. The survey questioned participants about ten guidelines relating to data security. Only 5% of respondents indicated that they always implement all ten of those guidelines.
The report highlighted current and pending legislation in regions regarding the disclosure of cybersecurity breaches. The data gathered indicates that while most executives agree with the need for disclosure, less than 10% are actually confident in their ability to provide it.
Now what?
Thankfully, the PwC report doesn’t linger too long on either past successes, or the depths of current and future concerns. Instead, the majority of the report consists of what they entitle the “C-suite playbook on cyber”. This is where teamwork really comes into play. The survey gathered data concerning what different types of C-suite executives are currently doing in relation to cybersecurity, and gave individualized recommendations for each. Detailing each bit of data collected and each recommendation given in the report is beyond the scope of this article, so instead we will focus on a general theme that appeared across most of the report.
Support Your Local CISO
Many of the recommendations put forth in the report related to how other C-suite executives can work with CISOs to improve the state of cybersecurity within their organization.
For example:
- Board members can give more time to CISOs in their meetings.
- CIOs and CTOs can collaborate with CISOS to ensure cloud security.
- CFOs can work together with CISOs to optimize spending on cybersecurity.
- COOs can team up with CISOs in dealing with OT and supply chain security issues.
- CROs and CISOs together can help other executives see the importance of risk management.
- CDOs and CPOs should coordinate with CISOs as they work on ensuring the privacy of customer information.
- The entire C-suite, including CISOs can work together to mitigate the effects of cybersecurity breaches, such as a ransomware attack.
No One Has To Tackle Cybersecurity Threats Alone
PwC’s 2023 Global Digital Trust Insights report concludes with a few brief scenarios highlighting how members of the C-suite can come together to respond to salient cyber threats. Despite progress made over the past year, there is room for improvement. The good news is that in an organization, no one has to tackle cybersecurity threats alone. The even better news is that now, more C-suite executives than ever are realizing it. Working together, executives can help lead their companies into a safer and more advanced digital future.
About the author:
Kirri Johnson has always been interested in the new technology tools that seem to be available at an ever increasing rate. This is part of why she is working on a masters degree that relates to instructional technology. Each new tool, however, brings risks. Completing required trainings while working at a credit union opened Kirri’s eyes to the reality of cybersecurity threats such as ransomware, and the importance of password protection.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.