Respondents to the Deloitte Global’s 2021 Future of Cyber Survey observed that the acceleration of digital transformation has also resulted in a significant increase in cyberattacks at their companies this year.
How organizations are prioritizing digital transformation initiatives
Despite the elevated risk environment, however, leaders plan to continue to invest heavily in digital transformation—with 94% of chief financial officer (CFO) respondents looking to move their financial systems or Enterprise Resource Planning (ERP) to the cloud.
Emily Mossburg, Deloitte global cyber leader added that “As the complexities of integrated environments continue to grow, leaders must prioritise incorporating cyber into every part of their business or risk the consequences of inadequate cyber protections.”
DX heightens the need for cyber strategies
With more than half of businesses experiencing an increase in threats to their organisations throughout 2020, the risks have never been higher as the shift to remote and hybrid working becomes more common for businesses worldwide.
Organisations are continuing to face challenges balancing investments in digital transformations to remain competitive while protecting their systems from potential breaches.
A clear plurality of the chief information officers (CIOs) and chief information security officers (CISOs) surveyed (41%) acknowledge that transformation and gaining visibility across increasingly complex hybrid ecosystems is the greatest challenge they face.
The wave of Zero Trust
In building a technology-forward, protected enterprise, the survey suggests the areas causing CIOs and CISOs the most significant challenge in managing cyber risk are transformation/hybrid IT (41%) and cyber hygiene (26%).
Companies are leveraging Zero Trust—a set of architectural guidelines that are based on the fundamental principle of “never trust, always verify”—to bridge the gap between business, IT and cyber domains reducing operational complexity and simplifying ecosystem integration.
Businesses that leverage Zero Trust are leading the way in organisational change to better enable digital transformation by building security infrastructures to handle the speed of these transformations.
Editor's Choice: PodChats for FutureCIO: Integrating zero trust into existing security architectures
Investing in cyber equals investing in the CISO
With hackers becoming savvier, organisations are more inclined to increase their cyber defence budgets. Almost 75% of surveyed leaders with more than US$30 billion in revenue reported they will spend more than US$100 million on cybersecurity protections this year.
Organizations' cyber budget is somewhat evenly spread to broadly mitigate risk
These investments are being relatively evenly spread to broadly mitigate risk although greater attention is given to threat intelligence, detection and monitoring; cyber transformation; and data security.
The convergence of technological prowess and increased cyber risk are changing the roles of today’s CISOs. As technology integrates further into daily business initiatives, so should the CISO’s responsibilities.
The survey also noted an increase of CISOs reporting to CEOs, going from 32% in 2019 to 42% in 2021 in the United States, and reaching 33% globally.
This alignment allows for greater transparency on business initiatives and enhanced engagement at most levels – most importantly with C-suite executives like CFOs and chief marketing officers (CMOs) whose relationships with the CISO are critical in mitigating risk and creating authentic, safe customer experiences.
Over the next three years, CIOs and CISOs will continue to prioritise cyber. Respondents ranked security capabilities (64%), enhancing privacy capabilities (59%), demonstrating compliance capabilities (50%), and improving business efficiency and intelligence (45%) as the drivers for their adoption of emerging technologies.
Among respondents from organisations headquartered in Asia Pacific, enhancing privacy capabilities is the top driver of the adoption of emerging technologies (63%), followed by security capabilities (49%) and demonstrating compliance capabilities (49%).
Dave Kennedy, Deloitte Asia Pacific Risk advisory leader says it is becoming apparent that the journey can either enhance business performance or amplify and spread risk.
For cyber security to be effective, he suggested the break down institutional silos and getting lines of business to collaborate on cybersecurity.
“In recognising the functionality of data and its ability to drive business outcomes and customer experiences, it is equally important to appreciate how it creates value over the long run. The foundation of sustaining and preserving shareholder value in an increasingly connected world lies in the ability to manage cyber and data,” concluded Thio Tse Gan, Deloitte Southeast Asia cyber leader.