The rapid pace of digital transformation due to the COVID-19 pandemic, which saw businesses move services online, supply chains disrupted and employees work from home, has pushed cybersecurity to the top of the agenda for UK CEOs.
Ninety-one percent of UK CEOs are concerned about the threat of cybersecurity risks, according to PwC’s 24th Annual CEO Survey. This is the highest figure recorded since CEOs were first asked about cyber threats in the survey and an increase on last year’s figure of 80%. It is also higher than this year’s global figure of 85%.
Chris Gaines, Cyber Security Leader, PwC UK said:
“As the criticality of technology has increased over the past year, so have UK CEOs’ fears of cybersecurity threats. This heightened concern is understandable as the stakes are so much higher than they were 12 months ago. Businesses have become more aware of how reliant on the technology they are for their very survival, and as such the risk of cybersecurity attacks naturally weighs more heavily on their minds.
“The technological changes implemented over the past 12 months have not only been across businesses, but also society, and many were implemented in haste. Risk averse organisations who in different times may have taken years to plan for increased remote working made the change overnight. Organisations must now effectively, securely embed such changes while continuing to evolve and innovate.”
Cyber threats are top strategic risk for UK CEOs
When asked which top three threats are explicitly factored into their strategic risk management activities, ‘cyber threats’ was the most selected by UK CEOs and chosen by 75% of them. This was in front of ‘pandemics and other health crises’ (62%), and ‘uncertain economic growth’ (57%).
Looking ahead, 48% of UK CEOs are ‘extremely concerned’ (up from 42% last year) about the risk of cyber threats to their business growth prospects. In addition, as a result of the COVID-19 crisis, 67% of UK CEOs plan to increase long-term investment in cybersecurity and data privacy over the next three years, with 24% of UK CEOs saying they will significantly increase long-term investments.
Chris Gaines, Cyber Security Leader, PwC UK said:
“Increasing investment in cyber defences is only part of the approach CEOs should be taking. With every area of every organisation now more reliant on technology, and more reliant upon the technology of suppliers and other organisations within their ecosystem, business leaders need to appreciate the role they must play in securing their organisation.
“Securing an enterprise is far more than ensuring the CIO builds the right technical controls. It is about simplifying the organisation to be securable. It is about assessing, understanding, and managing the cyber risk impact of every business decision. And it is about recognising that much of cybersecurity risk originates from vulnerabilities outside their organisation. CEOs are right to be concerned about cybersecurity risk but the challenge they face is shaping their organisations to be securable. However, this period of change we find ourselves in presents the perfect moment to face into that challenge.”
Sourced from PwC