More than half (58%) of businesses feared an attack on their cloud services to be the most likely cyber incident, according to the PwC survey
An overwhelming 96% of UK executives said that they will shift their cyber security strategy due to COVID-19, according to a new study by PwC.
Half of the 256 business and technology executives surveyed revealed that they are more likely to consider cyber security in every business decision, while a third (34%) are planning to accelerate their digitalisation plans due to COVID-19.
The PwC survey found that a large number of businesses (58%) feared an attack on their cloud services would be the most likely cyber incident to impact their company over the next 12 months. This was followed by a disruptionware attack on critical business services (52%) and a ransomware attack (50%).
However, only 34% of UK respondents agreed that the strategic focus on cyber security will emphasise the role of the chief information security officer (CISO). In comparison, close to half (43%) of the 3,249 surveyed executives said they believe this shift will lead to more frequent interactions between the CISO and CEO or the company’s board.
According to PwC, this means that UK boardrooms should learn to prioritise cyber security conversations and align cyber risk with business strategy.
UK organisations were also found to be less confident about the ways their cyber security budget is spent. Only 38% of UK respondents expressed confidence about the allocation of their cyber budget, compared to 44% globally. Similarly, only 36% of UK respondents revealed that they were very confident that they are getting the best return on their cyber spend, in comparison to 42%.
However, in spite of this lack of confidence, more than half (56%) of surveyed UK executives revealed plans to increase their cyber budgets in 2021.
PwC cyber security chair Richard Horne said that “it's surprising that so many organisations lack confidence in their cyber security spend”.
It shows businesses need to improve their understanding of cyber threats and the vulnerabilities they exploit, while changing the way they think about cyber risk so it becomes an intrinsic part of every business decision, he added.
One way to improve collaboration with senior leaders as well as ensure the alignment of cyber security decisions with the business’ strategic goals is to hire “talent from more diverse backgrounds”, according to PwC Cyber Security Culture and Behaviour lead Daisy McCartney.
Security teams need a mix of soft and technical skills coupled with business knowledge, she said.