Organisations are failing to prepare effectively for cyberattacks, says PwC

Information Technology Press Releases Wednesday December 27, 2017 15:56
Bangkok--27 Dec--PwC Thailand
Leadership commitment, resilience and collaboration critical to success

Forty percent of survey respondents cite the disruption of operations as the biggest consequence of a cyberattack, followed by the compromise of sensitive data (39%), harm to product quality (32%), and harm to human life (22%).

Forty-four percent of the 9,500 executives in 122 countries surveyed say they do not have an overall information security strategy.
Forty-eight percent do not have an employee security awareness training programme, and 54% don't have an incident-response process.
When cyberattacks occur, most victimised companies say they cannot clearly identify the culprits. Only 39% of survey respondents say they are very confident in their attribution capabilities.

Massive cybersecurity breaches have become almost commonplace, regularly grabbing headlines that alarm consumers and leaders. But for all of the attention such incidents have attracted in recent years, many organisations worldwide still struggle to comprehend and manage emerging cyber risks in an increasingly complex digital society.

Today, PwC launched its 2018 Global State of Information Security(R) Survey (GSISS), based on responses of more than 9,500 senior business and technology executives from 122 countries.

Executives worldwide acknowledge the increasingly high stakes of cyber insecurity. Forty percent of survey respondents cite the disruption of operations as the biggest consequence of a cyberattack, 39% cite the compromise of sensitive data, 32% cite harm to product quality, and 22% cite harm to human life.

Yet despite this awareness, many companies at risk of cyberattacks remain unprepared to deal with them. Forty-four percent say they do not have an overall information security strategy. Forty-eight percent say they do not have an employee security awareness training programme, and 54% say they do not have an incident-response process.

How cyber interdependence drives global risk

Case studies of non-cyber disasters have shown that cascading events often begin with the loss of power—and many systems are impacted instantaneously or within one day, meaning there is generally precious little time to address the initial problem before it cascades. Interdependencies between critical and non-critical networks often go unnoticed until trouble strikes. Many people worldwide—particularly in Japan, the United States, Germany, the United Kingdom and South Korea—are concerned about cyberattacks from other countries. Tools for conducting cyberattacks are proliferating worldwide. Smaller nations are aiming to develop capabilities like those used by larger countries. And the leaking of US National Security Agency (NSA) hacking tools has made highly sophisticated capabilities available to malicious hackers.

When cyberattacks occur, most victimised companies say they cannot clearly identify the culprits. Only 39% of survey respondents say they are very confident in their attribution capabilities.

The soaring production of insecure internet-of-things (IoT) devices is creating widespread cybersecurity vulnerabilities. Rising threats to data integrity could undermine trusted systems and cause physical harm by damaging critical infrastructure.

Meanwhile, there is a wide disparity in cybersecurity preparedness among countries around the world. In our 2018 GSISS, the frequency of organisations possessing an overall cybersecurity strategy is particularly high in Japan (72%), where cyberattacks are seen as the leading national security threat, and Malaysia (74%).

In May 2017, G-7 leaders pledged to work together and with other partners to tackle cyberattacks and mitigate their impact on critical infrastructure and society. Two months later, G-20 leaders reiterated the need for cybersecurity and trust in digital technologies. The task ahead is huge.

Next steps for business leaders
So what can business leaders do to prepare effectively for cyberattacks? PwC recommends three key areas of focus:

C-suites must lead the charge and boards must be engaged: Senior leaders driving the business must take ownership of building cyber resilience. Setting a top-down strategy to manage cyber and privacy risks across the enterprise is essential.

Pursue resilience as a path to rewards—not merely to avoid risk: Achieving greater risk resilience is a pathway to stronger, long-term economic performance.

Purposefully collaborate and leverage lessons learned: Industry and government leaders must work across organisational, sectoral and national borders to identify, map, and test cyber-dependency and interconnectivity risks as well as surge resilience and risk-management.

"Few business issues permeate almost every aspect of business and commerce like cybersecurity does today," said David Burg, Global Cybersecurity Leader at PwC. "Public-private coordination is critical to effectively addressing cybersecurity."

Vilaiporn Taweelappontong, Lead Consulting Partner of PwC Thailand, said:

"While companies globally and in Thailand invest in some of the most advanced technologies, they are simply forgetting to look at cybersecurity in their own backyard. This has put them at risk and is holding back most companies from growth.

"With this in mind, Thai firms must rethink their cybersecurity strategies and have proper measures in place to become successful and grow."

Latest Press Release

IRPC empowers 5,000 employees with digital training from SkillLane

IRPC Public Company Limited (IRPC) today has signed a cooperation agreement with SkillLane – Thailand's number one digital training platform – to digitize corporate training for their 5,000 employees. This agreement opens up opportunities for...

From Ancient Capital to High-Tech Hub: Xi#an to Host Tech-World Leaders for the Global Programmer#s Festival 2018.

On September 10th, 2018 it was announced that the ancient Silk Road capital, and China's most internationally investible city, Xi'an, will become the 'spiritual home' of programming once more as it hosts the 2nd Global Programmers Festival this October...

Polyplastics Confirms Viability of PPS for Bump-off Molding of Automotive Engine Cooling Systems

Polyplastics Co., Ltd., a leading global supplier of engineering thermoplastics, has completed an extensive study which confirms the viability of polyphenylene sulfide (PPS) for bump-off molding of automotive engine cooling systems. Polyplastics' linear...

HealthifyMe Works With CleverTap to Deliver Personalized User Experiences

CleverTap, a leading mobile marketing platform, today announced that HealthifyMe, India's largest and most loved health and fitness app, is using their advanced marketing automation platform to drive growth through personalized user experiences. (Logo:...

Join in Thailand Big Bang with ZTE together to Shape Thailand Big Data

Big Data will reshape the human society, not only a great step to intelligent digital life ,but also guiding and analyze from individual person to entire human society, and, 5G networks will also be a critical part on the map of Big Data. At Big Bang...

Related Topics