US Executives Turn to Cyber Programs for Business Enablement and Future Readiness has been saved
US Executives Turn to Cyber Programs for Business Enablement and Future Readiness
Deloitte’s “2023 Future of Cyber” survey shows cyber programs enable business strategies, build trust and better position organizations to seize future opportunities
NEW YORK, Dec. 6, 2022 — According to Deloitte’s “2023 Future of Cyber” survey, many U.S. executives turn to cybersecurity programs to enable business strategy.
The majority of U.S. executives surveyed say their organizations contended with at least one cyber event in 2022 (97%) and over half experienced more than five events in the past year (56%).
In parallel with the increasing prevalence of cyber issues, the convergence toward digital transformation and technology modernization provides an impetus for positive change, but it also creates unintended pathways to risks, vulnerabilities, attacks and failures.
At least half of the U.S. survey respondents state that building trust with customers and employees (53%) and enhancing risk management strategies (50%) are foundational for success, as well as a major factor in cultivating business for sustained growth. As such, cyber continues to be a critical business enabler for innovation and evolution, as well as a mechanism to incorporate risk mitigation across the organization.
U.S. leaders say the top business strategies that are most positively impacted by cyber investments include brand reputation improvement (44%), technology integrity confidence-building (42%), and intellectual property theft minimization (41%). Conversely, respondents report that the top concerns resulting from a cyber incident are loss of customer trust (29%), loss of intellectual property (29%), revenue loss (27%) and reputational loss (27%).
“Organizational leaders understand the competitive advantages they can reap from strong cyber programs that are treated as a business imperative,” said Deborah Golden, Deloitte Risk & Financial Advisory's U.S. Cyber & Strategic Risk leader and principal, Deloitte & Touche LLP. “Integrating a robust cyber program aligned with current and future business strategies is critical to building and restoring trust, spearheading and evolving business, and establishing future-forward approaches — each aimed at increasing organizational value with outcome-focused objectives. With a unified approach grounded in cyber resilience, organizations can differentiate themselves and be agile enough to seize future opportunities — in a world where customer trust enhances the gateway towards digital evolution.”
Some key observations from this survey include the following:
- Cyber governance is the hallmark of successful cyber programs
Cyber continues to be on the agenda for governing entities, including audit committees and U.S. boards, with over 45% of the respondents indicating that cyber topics are discussed on a monthly basis, and with 16% addressing them on a weekly basis. Beyond board-level attention, respondents also indicate that they leverage collaborative, governing entities consisting of business and technology leaders to oversee the cybersecurity program (43%) and annual cybersecurity plan updates (43%). U.S. executives also report that lack of management alignment (41%), lack of adequate funding (36%), lack of executive support (35%) and inadequate governance (34%) are the top challenges to effective cyber program management.
- Cyber is integral to digital transformation and emerging technology
Looking ahead at the next three-to-five years, surveyed U.S. executives see cyber — inclusive of and beyond security enablement — as crucial to digital transformation efforts. The areas in which respondents say cyber is most integral to emerging tech implementations include: 5G (49%), cloud (48%), IoT (41%), AI and cognitive computing (40%), and blockchain and cryptocurrency (40%).
- “Privacy by Design” and “Trust by Design” place cybersecurity as a key enabler for driving customer centricity and trust, while generating innovative products and service capabilities
Ongoing, voice-of-customer input to data privacy (61%) and comprehensive plans to protect data (61%) have been implemented by over half of the surveyed leaders. This continues to highlight the importance of privacy, as well as the need to provide education to customers on these topics to help limit the impact on trust and the probability of reoccurrence.
- Diverse cyber talent, with an established inclusive culture, will continue to be a competitive edge
Surveyed executives are working to engage, retain and develop existing cyber talent, primarily through offering training and certification programs (56%), flexible working options (54%), specialized career paths (49%), international mobility opportunities (44%) and differentiated compensation models (43%). Also, more than 30% of the U.S. executives indicate that lack of cybersecurity talent is their top concern.
“Digital transformation is imperative to many organizations’ strategic growth initiatives, providing opportunities for cybersecurity to be the foundation for business enablement and resilience while also enabling innovation with a focus on enhanced customer trust,” continued Golden. “With security built into ideation and implementation, secure, intelligent operations can be established — ultimately providing seamless integration of these technologies with business-critical initiatives throughout the enterprise.”
Golden concluded, “Organizational leaders should leverage cyber to bring value and competitive advantage to the enterprise — looking to solve unpredictable situations with an evolved approach where organizations pivot to mitigate current threats while sustaining organizational resilience, and also remaining vigilant for future opportunities.”
About the survey
As part of a global Deloitte Touche Tohmatsu Limited survey fielded in September and October 2022, 1,110 senior business and IT decision makers across 20 countries — 202 from the U.S. — were surveyed online about their organizations’ cybersecurity strategies. Within U.S. executive respondents, 81% held C-suite roles and 19% held other leadership positions.
Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world’s most admired brands, including nearly 90% of the Fortune 500® and more than 7,000 private companies. Our people come together for the greater good and work across the industry sectors that drive and shape today’s marketplace — delivering measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to see challenges as opportunities to transform and thrive, and help lead the way toward a stronger economy and a healthier society. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them. Building on more than 175 years of service, our network of member firms spans more than 150 countries and territories. Learn how Deloitte’s approximately 415,000 people worldwide connect for impact at www.deloitte.com.
Deloitte Cyber & Strategic Risk offers a unified approach to help you tackle obstacles, build new capabilities, and move forward fast. Leverage our breadth and depth to transform your organization, wherever you are on your journey.