Cyber Security Strategy Reaching Critical Point for UK Executives
In a wide-ranging survey of UK executives, 96% have shifted their cyber security strategy due to COVID-19
34% say they are accelerating digitisation
Only 38% are very confident their cyber budget is allocated to the most significant cyber risks
42% plan to increase cyber team headcount
However, the UK responses lag behind global findings in a number of key areas such as importance of CISO role, return on cyber spend, and headcount
The increasing sophistication of cyber criminals, coupled with the rapid shift to digital technologies brought about by the coronavirus (COVID-19) pandemic has emphasised cyber security’s importance for both individual organisations and wider society.
Amidst this backdrop, PwC has launched its latest insights into what’s changing and what’s next in cyber security. The findings are based on a survey of 3,249 business and technology executives from around the world, including 265 in the UK.
Recommended AI News: Nuventive Improvement Platform Now Available in the Microsoft Azure Marketplace
Updating cyber strategy
An overwhelming 96% of UK respondents said that they will shift their cyber security strategy due to COVID-19, with half now saying they are more likely to consider cyber security in every business decision. In addition, a third of UK respondents (34%) plan to accelerate their digitalisation plans due to COVID-19.
When asked what they saw as being the most likely cyber events to impact their industry over the next 12 months, 58% of UK respondents cited an attack on cloud services, followed by a disruptionware attack on critical business services (52%) and a ransomware attack (50%).
At a global level, PwC’s research showed that the strategic focus on cyber security will lead to a more prominent role for the chief information security officer (CISO). Two-fifths (43%) of global respondents agree that there will be more frequent interactions between the CISO and CEO or board, but this falls to 34% in the UK.
This shows that more needs to be done to elevate cyber security conversations to UK boardrooms, and this could be done by better aligning cyber risk to business strategy.
Low confidence in cyber budgets
The research found that a majority of organisations lack confidence in their cyber spend. Just 38% of UK respondents are very confident their cyber budget is allocated to the most significant cyber risks, compared to 44% globally. Similarly, only 36% of UK respondents are very confident they are getting the best return on their cyber spend versus 42% globally.
Despite this lack of confidence, 56% of UK respondents are planning to increase their cyber budgets in 2021.
Richard Horne, Cyber Security Chair, PwC said: “It’s surprising that so many organisations lack confidence in their cyber security spend. It shows businesses need to improve their understanding of cyber threats and the vulnerabilities they exploit, while changing the way they think about cyber risk so it becomes an intrinsic part of every business decision.”
Recommended AI News: Verra Mobility Announces Appointment of Patrick J. Byrne to Board of Directors
Hiring for the future
When asked whether they would be expanding their cyber security teams in 2020, 42% of UK respondents said they plan to increase their headcount compared to 51% globally. However, the research also found that more than a fifth (22%) of UK organisations are planning to decrease the size of their cyber security team compared to 16% globally.
New hires in the UK are expected to possess more than just technical knowledge. When asked which cyber security skills were most in demand, UK respondents cited security intelligence (46%) and the ability to work with cloud solutions (40%) as the most important skills for new employees, closely followed by communication (38%), project management (38%) and analytical skills (37%).
This reflects the evolution of the industry, with cyber teams now required to work collaboratively with the rest of the business to develop a strategic, analytical approach to cyber security.
Daisy McCartney, Cyber Security Culture and Behaviour Lead, PwC said: “As cyber security becomes a strategic priority, organisations should be hiring talent from more diverse backgrounds. Security teams need a mix of soft and technical skills coupled with business knowledge – this helps improve collaboration with senior leaders and ensures that cyber security decisions support the organisation’s strategic goals.”
Recommended AI News: Telia Is Launching 5G Network in Lithuania