As digital transformation continues to accelerate and organizations increasingly opt for cloud services, the risks posed by cyberattacks are higher than ever before. Most IT leaders understand that the security of their networks and applications is critical to their bottom line. According to PwC’s Digital Trust Insights survey, cloud security tops the list of cyber security concerns that UK senior executives consider having a significant impact on their organizations in 2023.
39% of UK senior executives are expecting cloud-based threat vectors to significantly affect their organization in 2023 as compared to 2022. 33% of them also expect attacks against cloud management interfaces to increase significantly, while 20% expect attacks on the Industrial Internet of Things (IIoT) and operational technology (OT) to rise in 2023.
In 2023, an array of long-standing cyber threats persists and remain a challenge to tackle. 27% of UK organizations anticipate that business email compromise and ‘hack & leak’ attacks will escalate substantially by the end year, while 24% are expecting ransomware incidents to emerge with greater frequency in the same time frame.
Cyberattack is the biggest organizational risk in 2023
Digital transformation efforts like cloud migration, shifting to e-commerce and digital service delivery methods, using digital currencies, and the convergence of IT and operational technology have become necessary to future-proof the business and unlock value and growth. However, two-thirds of UK senior executives report not having fully mitigated the cyber risks associated with digital transformation.
The C-Suite is becoming increasingly aware of the risks posed by cyber threats, which could have devastating repercussions for organizational resilience. It appears that UK organizations are prioritizing preparing for those scenarios above all else in 2023; an astonishing 48% cite a “catastrophic cyber attack” as their top risk concern – surpassing even global recession (45%) and resurgence of COVID-19 (43%).
However, more work is required to make sure organizations are safe from cyberattacks. As per the survey, 43% of UK senior executives still focus on just one type of risk and how to recover from it. What is needed is a more effective approach that includes understanding all the different types of risks the organization faces and how to continue operations across all of them at the same time.
50% of UK senior executives say that they wait for a problem to happen before they make a plan to deal with it. They focus on what to do after the problem happens, instead of trying to prevent the problem or being prepared for it. 47% of the executives say they have a formal way to coordinate their resiliency plan, including what to do in a crisis, how to respond to an incident, and how to collect information about threats.
3 critical factors to successfully mitigate cyber threats in 2023
- Strong leadership
Senior executives in the UK agree that strong leadership is the critical factor for achieving improved cybersecurity outcomes in the next year and a half. Leadership from top-level executives must demonstrate their commitment to cybersecurity measures through effective communication, removing any barriers within an organization that obstruct cohesive C-Suite coordination between all stakeholders. - Data analytics capabilities on cyber and privacy activities
Senior executives emphasize the importance of data analytics in cyber security transformation – which can be used to optimize threat detection and identify risk, enabling more strategic decisions that consider business goals and potential threats. Advanced Analytics coupled with AI can play an instrumental role in protecting organizations from cyber-attacks by optimizing investments in cybersecurity initiatives. - Cybersecurity awareness among employees
To enable secure digital transformation and promote innovation, UK business leaders recognize the need for a balanced approach to investing in people and technology. According to the survey, almost half (46%) reported plans to increase human-led capabilities while 40% plan on increasing their use of technological solutions. It is also essential that talent pools are diversified beyond certifications or tech degrees – executives agree that successful cyber security transformations depend upon educating all employees regarding potential risks they may introduce unknowingly.
Source: PricewaterhouseCoopers
Read next: Global cyberattacks increase by 38% in 2022, reveals Check Point Research