Senior executives around the world are taking risk management more seriously, PwC research found, but many are still concerned about business resilience.
As cyberthreats and actual attacks have increased in recent years, corporate executives have become more cognizant of the potential risks to their businesses, according to Matt Gorham, leader of PwC’s Cyber & Privacy Innovation Institute.
A recent PwC study on how companies manage business risk showed 40% of business leaders viewed cybersecurity as the top risk facing their companies, Gorham said.
In the study just released, 70% of executives saw improvements in cybersecurity over the past year, mainly due to an increase in cyber-related investments and collaboration from the C-suite.
“Forward-thinking companies realize that cyber preparedness and cyber resilience require a much broader group of individuals beyond just the CISO and [are] approaching cybersecurity as a team sport,” Gorham said via email. “Many CISOs and CFOs have changed the way [they] invest in cyber and are leveraging data to make funding decisions with business goals and top risks in mind.”
The research is based on a survey of 3,500 business, technology and security executives from nations across the world. The survey, conducted during July and August, includes responses from CEOs, CFOs, board directors, CISOs and CIOs.
Highlights
* Corporations around the globe are taking steps to prioritize cybersecurity with support from senior executives and board members, according to a study from PwC. However, many of those executives expect to see increased threats, according to the 2023 Global Digital Trust Insights study from PwC.
* Two-thirds of executives see cyber criminal activity as the company’s leading threat. And almost half of security and IT executives expect to see a further increase in ransomware attacks in 2023, while 2 in 5 expect to see more serious attacks in the cloud, according to the study.
* The study shows more than half of chief risk officers or COOs are very concerned or extremely concerned about the ability of their companies to withstand a supply chain attack.