《普華永道:2024高管策略指南:將安全置于創新的核心-2024年全球數字化信任洞察報告關鍵發現(英文版)(20頁).pdf》由會員分享,可在線閱讀,更多相關《普華永道:2024高管策略指南:將安全置于創新的核心-2024年全球數字化信任洞察報告關鍵發現(英文版)(20頁).pdf(20頁珍藏版)》請在三個皮匠報告上搜索。
1、PwC|2024 Global Digital Trust Insights1The C-suite playbook:Putting security at the epicenter of innovationFindings from the 2024 Global Digital Trust InsightsPwC|2024 Global Digital Trust Insights2PwC|2024 Global Digital Trust Insights2While excitement and budgets are rising for cutting-edge securi
2、ty programmes,progress on actually improving security is sluggish,even stagnant.PwCs 2024 Global Digital Trust Insights survey of 3,876 business and tech executives at the largest global companies 30%of respondents have revenues of$10 billion or more shows considerable room for improvement in cybers
3、ecurity.Consider these findings.Breach costs and the number of high-dollar breaches continue to increase.Although cloud attacks are the top cyber concern,about one-third of organisations have no risk management plan to address cloud service provider challenges.Only half are very satisfied with their
4、 technology capabilities in key cybersecurity areas.More than 30%of companies dont consistently follow what should be standard practices of cyber defence.Security at the epicenter of innovation:Thats not the world we live in today,but what if it were?Imagine a world with security at the epicenter of
5、 innovation the field where bright ideas and bold ambitions flourish.Imagine the CISO right there,working to secure the organisations lofty ambitions and prized assets.We note 179 respondents who seem to be doing just that.These top 5%our stewards of digital trust are reaping benefits that others ar
6、e missing.Theyre experiencing fewer breaches,and the attacks that do hit them arent as costly.Managing risk is easier because theyve streamlined their security solutions.And theyve positioned themselves for greater productivity and faster growth,outpacing the competition as they plunge into new tech
7、nologies with confidence that they are well protected.PwC|2024 Global Digital Trust Insights3Q26.Please indicate how consistently your organisations cybersecurity team does the following.Base:All respondents=3876Source:PwC,2024 Global Digital Trust Insights.Defence25%50%75%100%0%Growth disposition96
8、%30%94%25%96%28%91%23%88%23%85%21%93%22%91%24%84%21%93%23%Top 5%All respondentsPercentage who say that their cyber teams usually(80%to 100%of the time)do thisResponds quickly to threats so our organisation can emerge stronger from disruptions Incorporates data security and privacy features into prod
9、ucts,services,and third-party relationships Puts controls in place throughout the organisation to prevent serious cyber disruptions Allocates cyber budget to the top risks of the organisation Maintains relationships with public sector at all administrative levels to build resilienceCollaborates with
10、 other parts of the business that affect the organisations cybersecurity posture(e.g.,software engineer-ing,product management,procurement,marketing,etc.)Anticipates future cyber risks,given the macro environment and the business strategy Communicates our cyber strategy and practices in a way that h
11、elps our organisation earn the trust of customers and business partners Expedites digital and other major transformation initiatives of our organisation(e.g.,designing security and privacy into new products and services)Brings insights on changing cyber risk exposure and mitigation measures to the C
12、EO and board Meet our stewards of digital trustPwC|2024 Global Digital Trust Insights4With technology now at the heart of business,safeguarding it is tantamount to protecting the enterprise.Thats why in 2023,PwC created a playbook for C-level executives to help each C-level executive focus on the qu
13、estions they need to answer with their CISO.Weve updated the playbook for 2024.This is likely to be a watershed year.Cybersecurity faces four major shifts,each of which could be disruptive on its own.C-suite insistence on modernising and improving technology infrastructure and investments in a year
14、of cost-cutting and macroeconomic uncertainty.The rise of hybrid cyber threats and the blurring of the line between espionage and cybercrime,propelling cyber defence more fully into the national security arena.9 degrees of separation:Top performers vs the rest6x more likely to have already implement
15、edtransformative cybersecurity initiatives from whichthey are realising benefits.Top 5%are:5x more likely to be very satisfied with their currentcyber technology capabilities.4x more likely to be continually updating their riskmanagement plan to mitigate cloud risks.9x more likely to be mature in th
16、eir cyber resiliencepractices.Top 5%are more likely to:Invest more into cyber budget,with 85%increasingtheir cyber budget in 2024(vs 79%overall),of which19%are increasing cyber budget in 2024 by 15%ormore,compared to 10%overall.Say their most damaging cyber breach in the last threeyears cost them le
17、ss than$100k(28%vs 19%overall).Strongly agree their organisation will develop newlines of business using generative AI(GenAI)(49%vs 33%overall).Plan to deloy GenAI tools for cyber defence(44%vs 27%).Disagree that GenAI will lead to a catastrophiccyber attack(33%vs 22%overall).Source:PwC,2024 Global
18、Digital Trust Insights.9 degrees of separation:top performers vs the rest A groundbreaking new technology generative AI bringing new threats as well as unprecedented promise for defence.Regulations requiring openness about cyber incidents and risk management practices that could usher in a new era o
19、f transparency and collaboration.Businesses are reinventing themselves.Policymakers are thinking of new regulatory approaches.Are your senior executives being similarly innovative in the way they secure their organisations?How bold can you be,and what might you do differently?PwC|2024 Global Digital
20、 Trust Insights5Cyber risk management:Ripe for reinventionInnovation means making bold moves,and theres nothing more empowering than knowing that youve done whats possible to remain safe and secure that youve assessed and addressed your most important cyber risks.Mitigating cyber risk is a top prior
21、ity for 2024,according to PwCs 2024 Global Digital Trust Insights survey.After dropping to fourth place in last years PwC CEO Survey,its now second for our respondents,behind only digital and Digital tops the risk list in two waystechnology risks on the list of prioritized risks.And in the minds of
22、our respondents,digital and technology risks are inextricable from cyber risk.In todays business climate,we simply cant talk about digital transformation or reinvention without mentioning cybersecurity in the same breath.Cloud attacks and attacks on connected devices are the cyber threats our respon
23、dents are most concerned about two technologies at the heart of business transformation today.Risk mitigation priorities over the next 12 months(Ranked top three)Digital and technology risks(adverse consequence from new or frontier technologies,inability to execute digital transformation initiatives
24、,digital)Cyber risks(hacking,ransomware,surveillance)Macroeconomic volatility(demand and supply shocks in the economy that could negatively affect the business,debt crises,asset bubble burst)51%43%41%Q1.Which of the following risks is your organisation prioritising for mitigation over the next 12 mo
25、nths?(Ranked in top three).Base:All respondents=3876Source:PwC,2024 Global Digital Trust Insights.5PwC|2024 Global Digital Trust InsightsPwC|2024 Global Digital Trust Insights6These cyber threats themselves are connected.Once malicious actors break into systems and networks,they often wreak havoc in
26、 as many ways as possible.What may start as a cloud breach could very well become an advanced persistent threat as bad actors lurk inside your system collecting data and looking for other ways to do harm.They might exfiltrate your data,then launch a ransomware attack,then leak the data(“hack and lea
27、k”)even if you pay the ransom.Any one of these incidents would be problematic on its own.Taken all together,they can devastate your business operations and your reputation.Mega breaches are increasing in number and scale and cost.The percentage of those reporting costs of$1 million or more for their
28、 worst breach in the past three years rose to 36%from 27%last year.The pace of business reinvention and innovation using technology is not slowing down.Not when 40%of CEOs think their companies may no longer be economically viable a decade from now if they stay on their current path.The C-suite chal
29、lenge is this:Is your organisations cyber risk management keeping up with the changes?The C-suite challenge is this:Is your organisations cyber risk management keeping up with the changes?Everything is connected,including cyber attacksCloud-related threatsAttacks on connected devicesHack-and-leak op
30、erationsThird-party breachRansomwareDisinformationUnsureBusiness email compromise/account takeoversSoftware supply-chaincompromiseDistributed denial-of-service attacksExploits of zero-dayvulnerabilitiesQ3.Over the next 12 months,which of the following cyber threats is your organisation most concerne
31、d about?(Ranked in top three).Base:All respondents=3876Source:PwC,2024 Global Digital Trust Insights.47%42%37%29%29%25%23%17%17%15%1%Top cyber threats over the next 12 monthsBreaches are becoming more costlyQ5.Thinking about the most damaging data breach you experienced in the past three years,pleas
32、e provide an estimate of the cost to your organisation.Base:Security and IT and CFO respondents=1651Source:PwC,2024 Global Digital Trust Insights.$1M-$9M23%16%20242023$10M-$19M9%7%Consumer$20M or more4%4%Estimated costs to organisations most damaging data breach in the past three yearsPercentage who
33、 say they had a$1M+breach:2024 total=36%,2023 total=27%Average cost of breach in millions and percentage of most damaging breaches that cost$1 million or more,by sectorQ5.Thinking about the most damaging data breach you experienced in the past three years,please provide an estimate of the cost to yo
34、ur organisation.Base:Security and IT and CFO respondents=1651Source:PwC,2024 Global Digital Trust Insights.$1M-$9M23%16%47%$5.3M43%$4.8M38%$5M37%$4.2M33%$4.1M28%$3.2MHealth-careTech,Media&TelecommFinancial Services Energy,Utilities&ResourcesIndust.&AutoRetail&Consumer$20M or more4%Estimated costs to
35、 organisations most damaging data breach in the past three yearsPercentage who say they had a$1M+breach:2024 total=36%,2023 total=27%Average cost of breach in millions and percentage of most damaging breaches that cost$1 million or more,by sectorQ5.Thinking about the most damaging data breach you ex
36、perienced in the past three years,please provide an estimate of the cost to your organisation.Base:Security and IT and CFO respondents=1651 Source:PwC,2024 Global Digital Trust Insights.PwC|2024 Global Digital Trust Insights7Modernisation and optimisation top the cyber-investment priorities for 2024
37、.Nearly half(49%)of the business leaders selected technology modernisation,including cyber infrastructure,and 45%chose optimisation of existing technologies and investments.In our 2022 survey we found that CEOs in particular were very concerned that their organisations had become too complex to secu
38、re.At that time,32%had consolidated technology vendors in an effort to simplify,as well as realign their mix of managed and in-house services.In the 2024 survey,44%report using an integrated suite of cyber tech solutions,and 39%plan to move to one in the next two years.Nearly one-fifth 19%say they h
39、ave too many cyber solutions and need to consolidate.An overabundance of point solutions may be one reason why only 5%of IT and tech respondents say theyre very satisfied with the technology capabilities of their cyber solutions in all eight key areas.Software that doesnt work together can hinder pe
40、rformance,require more time to manage and impede the big-picture view thats essential to managing cyber risk.Those whove already been hit know this.Our survey respondents who have had data breaches costing$1 million or more in the past three years are more likely to acknowledge that they have too ma
41、ny cybersecurity solutions and need to integrate them.On the other hand,organisations that use cohesive cyber-solution suites are more often able to avoid the big,costly breaches.Simplification of cyber tools:The bane of bad actors7PwC|2024 Global Digital Trust InsightsPwC|2024 Global Digital Trust
42、Insights82024 cyber budgets aim to make the most of existing toolsModernisation of technology,including cyber infrastructureOptimisation of current technology and investmentsOngoing improvements in risk posture based on cyber roadmapOngoing security training 49%45%42%40%Q14b.Which of the following i
43、nvestments are you prioritising when allocating your organisations cyber budget in the next 12 months?(Ranked in top three).Base:Business respondents=1925Source:PwC,2024 Global Digital Trust Insights.Business leaders-Cybersecurity investment priorities over the next 12 months(Ranked top three)Still,
44、survey respondents arent pulling in the reins on spending.More than three-quarters(79%)say theyll increase their cyber expenditures in 2024(up from 64%last year),especially large organisations with revenues of$5 billion or more.Those planning larger budget increases of more than 15%tend to be enterp
45、rises with$50 billion or more in revenues,or in tech,media and telecom industries,or those that project higher revenue growth in the next year.Cyber investments are also making up a larger proportion of the total IT,OT and automation budget.Were seeing a mean increase overall to 14%in 2024 versus 11
46、%for 2023.The C-suite challenge isnt a lack of tools or a lack of investment.Instead,its figuring out how your organisation can reap the benefits of your investments.Is your IT architecture too complex to adequately protect?Are you making it easy for threat actors to find gaps in your defence?Only h
47、alf are satisfied with their cyber-tech capabilitiesNetworking/Firewall/VPN TechnologiesCloud securitySecurity management and governanceEndpoint detection and responseData security andprivacyIdentity and access managementSupply chain securitySecurity orchestration,automation,and response(SOAR)56%53%
48、52%52%52%50%43%42%41%Only 5%of security and ITrespondents are very satisfiedacross all areasOrganisations technology capabilities in keycybersecurity areasIndustrial internet of thingsand control systemsQ23.How satisfied are you with your organisations technology capabilities in the following areas?
49、Base:Security and IT respondents=1517Source:PwC,2024 Global Digital Trust Insights.PwC|2024 Global Digital Trust Insights9 9Cloud security:top threat,top investment yet poorly managedQ3.Over the next 12 months,which of the following cyber threats is your organisation most concerned about?(Ranked in
50、top three)Base:All respondents=3876Q14a.Which of the following investments are you prioritising when allocating your organisations cyber budget in the next 12 months?(Ranked in top three)Base:IT respondents=1919Q19.To what extent has your organisation addressed the following challenges with your clo
51、ud service provider(s)?Base:Cloud provider users=3648Source:PwC,2024 Global Digital Trust Insights.47%Top threatTop cyber investment33%Implemented and continuallyupdating risk management plan 3%Cloud use has always been about business innovation enabling developers to collaborate no matter where in
52、the world they might be;adopting new,more flexible ways to work;inventing new business models;connecting technologies to help better operate the business;providing superior service to customers and clients;and so on.Cloud security:Overdue for concerted attentionCloud security is the No.1 cyber risk
53、concern for nearly half(47%)of our respondents.The ways bad actors might get in may seem virtually limitless.Organisations should place controls everywhere:on identity and access,lateral movement,email accounts,website portals,applications,proprietary information,customer interactions,operating syst
54、ems,connected devices,the list goes on.PwC|2024 Global Digital Trust InsightsPwC|2024 Global Digital Trust Insights10Organisations position on cloud service provider challengesDisaster recovery and back-upShared responsibility with the cloud service provider Discovery/records managementContract nego
55、tiation with cloud service providerThird-party riskData mapping/data use issuesConcentration riskFragmented regulationsInability to grow in-house talent incloud disciplines(eg,cloud engineering)Q19.To what extent has your organisation addressed the following challenges with your cloud service provid
56、er(s)?Base:Cloud provider users=3648Source:PwC,2024 Global Digital Trust Insights.Implemented a plan and continually updated Implemented a risk management planYet to address challenges 38%31%30%32%35%33%34%36%30%32%36%32%33%36%31%33%38%30%28%41%31%27%42%31%26%43%31%Many of our respondents 42%use mor
57、e than one cloud,and concerns over cloud security increase among users of multiple hybrid clouds.Fifty-four percent of these respondents cite cloud as their most pressing cybersecurity risk.Hybrid cloud users are also the most likely to select cloud among their top three priorities for security inve
58、stments over the next year(36%as opposed to 33%overall).But nearly every organisation 97%has gaps in its cloud risk management plan.Only 3%maintain up-to-date plans that address all nine cloud security areas.Risks posed by fragmented regulations,for instance,have yet to be addressed by 42%;41%have n
59、o plan for dealing with concentration risk;36%havent yet addressed third-party cloud risk.The top 5%our“stewards of digital trust”are four times more likely to be continually updating their risk management plan to mitigate cloud risks.The remainder of our respondents,however,have yet to do so much o
60、f this critical work.The C-suite challenge is this:How do you work together and with your cloud security providers to make headway in defending the most important entry points to your systems and assets via the cloud?So many cloud risks,so few plans to manage themPwC|2024 Global Digital Trust Insigh
61、ts11GenAI for cyber defenceNearly seven in 10 say their organisation will use generative AI(GenAI)for cyber defence.GenAI tools can help reduce a disadvantage for cyber teams overwhelmed by the sheer number and complexity of human-led cyber attacks,both of which continually increase.Generative AI fo
62、r cyber defence on the rise11Q7.To what extent do you agree or disagree with the following statements about Generative AI?Q10.To what extent is your organisation implementing or planning to implement the following cybersecurity initiatives?Base:All respondents=3876Source:PwC,2024 Global Digital Trus
63、t Insights.69%More than two-thirds(69%)say theyll use GenAl for cyber defence in the next12 months.47%Nearly half(47%)are already using it for cyber risk detection and mitigation.21%One-fifth(21%)are already seeing benefits to their cyber programmes because of GenAl mere months after its public debu
64、t.PwC|2024 Global Digital Trust InsightsPwC|2024 Global Digital Trust Insights12Platforms are licensing their large language models(LLMs)in tandem with their cyber tech solutions.Microsoft Security Copilot intends to provide GenAI features for security posture management,incident response and securi
65、ty reporting.Google announced Security AI Workbench for similar use cases.Many vendors are pushing the limits of GenAI,testing whats possible.It could be some time before we see broad-scale use of defenceGPTs.In the meantime,here are the three most promising areas for using GenAI in cyber defence.Th
66、reat detection and analysis.GenAI can be invaluable for proactively detecting vulnerability exploits,rapidly assessing their extent whats at risk,whats already compromised and what the damages are,and then presenting tried-and-true options for defence and remediation.GenAI can help identify patterns
67、,anomalies and indicators of compromise that elude traditional signature-based detection systems.The C-suite challenge is this:How do you wield the new tools without inviting new risks to flare up in the organisation and in society?What should you do to use GenAI ethically and responsibly?Cyber risk
68、 and incident reporting.GenAI might also make cyber risk and incident reporting much simpler.With the help of natural language processing(NLP),GenAI can turn technical data into concise content that nontechnical people can understand.It can help with incident response reporting,threat intelligence,r
69、isk assessments,audits and regulatory compliance.And it can present its recommendations in terms that anyone can understand,even translating confounding graphs into simple text.Adaptive controls.Securing the cloud and software supply chain requires constant updates in security policies and controls
70、a daunting task today.Machine learning algorithms and GenAI tools could soon recommend,validate and draft security policies and automate controls that are tailored to an organisations threat profile,technologies and business objectives.PwC|2024 Global Digital Trust Insights1313The mainstream view is
71、 that new rules and regulations hinder revenues,but heres the take of at least one-third of respondents:The guardrails regulators put up can give companies added confidence to explore,experiment,invent and compete.Navigating regulatory requirements can become a competitive advantage for leading comp
72、anies.About a third of this years respondents agree that four types of regulation will be most important to securing the future growth of their organisation regulation of AI(37%),harmonisation of cyber and data protection laws(36%),Regulations:Providing a safe place to play and growmandatory reporti
73、ng of cyber risk management,strategy and governance(35%)and operational resilience requirements(32%).Transparency is the regulatory drumbeat that will grow louder around the world.New SEC rules require public disclosure of cybersecurity breaches deemed to have a potential material effect on investor
74、s.The Digital Markets Act and the Digital Services Act require transparency in data practices and algorithmic decision-making.And regulations are on the horizon governing AI including an EU AI Act in the works and GenAI regulation.Regulation of artificial intelligenceHarmonised cyber and data protec
75、tion laws in the region(s)where we operateMandatory reporting of cyber riskmanagement,strategy,and governanceHarmonised privacy rights and/or protection in region(s)where we operateRegulatory requirements for operational resilienceMandatory reporting of incidents infinancial reporting and disclosure
76、sShifting the liability for cyberfailures to specific companiesRegulation of cryptocurrencyand other digital paymentsMaking specific seniorexecutives liable for negligenceMandatory reporting to law enforcementUnsure 37%36%35%32%32%26%25%19%18%18%2%Q24.Which of the following proposed regulatory goals
77、 and principles will have the greatest impact on your organisations ability to secure future revenue growth?(Ranked in top three).Base:All respondents=3876Source:PwC,2024 Global Digital Trust Insights.Regulatory goals and principles with the greatest impact to organisations future revenue growth(Ran
78、ked top three)Regulations that could change cybersecurityPwC|2024 Global Digital Trust InsightsPwC|2024 Global Digital Trust Insights14Operational resilience is another important theme.Regulators know that its a big risk to approach the challenge of interrelated and complex risks as many C-suite tea
79、ms still habitually do as a silo-based exercise that treats each business units risk profile as separate.New requirements such as the Digital Operational Resilience Act will increasingly insist on integrated resilience with core elements that make an organisation adaptive,flexible and stronger after
80、 every disruptive event.As many as three-quarters expect that compliance with these regulations will require significant outlays of money and time.Incurring high costs and revenue impacts may be avoidable,The slow progress on cyber resilienceif businesses involve themselves early and often in regula
81、tory processes meeting with law enforcement,for example,participating in public comments and even taking a seat at the table with regulators to help craft or influence proposed directives.The C-suite challenge is this:Amid regulatory uncertainty,can you give your organisation the room to innovate wh
82、ile keeping security and privacy by design?How do you turn this new regulatory environment as a source of competitive advantage?Identifying critical business processesImplementing cyber recovery technology solutions(including immutable backups/isolated recovery environment)Developing cyber recovery
83、playbook for IT-loss scenariosEstablishing protocols with major technology providers(cloud,device manufacturers,managed services)to coordinate incident responsesReporting to external stakeholders(regulators,investors)Establishing a resilience team with members from functions like Business Continuity
84、,Cyber,Crisis Management and Risk ManagementMapping technology dependenciesSharing information with industry peers,throughformal processes,to prevent systemic risks Establishing relationships with locallaw enforcement to help with analysis and responseQ8.To what extent is your organisation implement
85、ing or planning to implement the following cyber resilience actions?Base:All respondents=3876 Source:PwC,2024 Global Digital Trust Insights.35%29%32%28%32%27%33%25%33%25%33%25%33%24%31%24%32%23%Only 2%are optimising and continuously improving across all areasOptimising and continuous improvement Imp
86、lemented across the organisationExtent of implementation for key cybersecurity resilience actionsPwC|2024 Global Digital Trust Insights1515Its no longer business-as-usual at your organisation.But most companies are still locked into cyber-as-usual,as the 2024 Global Digital Trust Insights survey sho
87、ws.Fragmented initiatives.An ever-expanding array of technological complexities.A risk management programme that,with its gaps,is risky in itself.Transformations Regulations that could change cybersecurityDare to break cyber-as-usual:The 2024 C-suite playbookQ10.To what extent is your organisation i
88、mplementing or planning to implement the following cybersecurity initiatives?Base:All respondents=3876.Analysis technique utilised is factor analysisSource:PwC,2024 Global Digital Trust Insights.Implemented and realising benefitsImplemented across the organisation but not realising benefits yet 24%2
89、7%22%26%28%28%26%28%25%28%23%28%22%27%22%21%27%26%Creating or improving Business UnitInformation Security Officer(BISO)rolesDeveloping a new model for DevSecOps to better integrate security and technology developmentMoving to fusion centreCreating a new operating modelfocused on business enablementU
90、sing large language models or generativeAl in risk detection and mitigationUsing managed services in new areasUsing data to quantify cyberrisks and allocate cyber budgetsIntegrating fully with the organisationsresilience strategy and activitiesShifting to zero trust conceptThe top initiatives in thi
91、s chart are cyber-focused;the bottom,business-focusedand projects that dont produce the results you want.These stumbling blocks and others remain in the way of cybersecurity thats truly trustworthy.In the 2023 playbook,we identified critical challenges that C-suite executives should address together
92、,as partners.These are still relevant.PwC|2024 Global Digital Trust InsightsPwC|2024 Global Digital Trust Insights16In 2024,were raising the challenge:Do you dare,as a C-suite leader,to break out of the stasis and make the one or two bold moves that will matter most for your organisation?Or to take
93、that one imaginative leap that could finally clear the hurdles blocking your company from its goals?We see some enterprises already picking their best bets.The array of options is broad.Whats right for your organisation?PwC|2024 Global Digital Trust Insights16PwC|2024 Global Digital Trust Insights17
94、Placing yourself at the epicenter of innovation means meeting your leadership teams where they are and helping them to overcome the intimidation they might feel regarding what you do.Using insider terms such as cyber landscape,attack surface and even zero trust can only further mystify those outside
95、 your profession.Speak a new language.Dare to talk about cyber in business-speak,tech-speak,finance-speak or everyday-speak.Speak to your customers,investors and business partners in annual security reports in ways that inform and engage.Using common vocabularies can help executives wrestle with the
96、 trade-offs,tensions and chaos that inevitably happen at the epicenter of innovation.Use more sophisticated approaches to cyber-risk modeling such as scanning for threats using formulas specific to your companys sector,vision and strategy.Create a risk-linked performance incentive for every bonus-el
97、igible employee in the company,to build a risk culture.Invent new ways to find Try bold,new ways of managing cyber risk.and strengthen your weaknesses,perhaps with a modern bug bounty programme that incentivises independent security research.Finally procure and begin using a cloud-first,centrally ma
98、naged identity solution to secure your business expansion goals.Speak the language of trust,not just regulatory compliance.Involve yourself early and often for the better chance at influencing any new rules and ensuring that they boost,not hinder,business success.AI,the metaverse,cryptocurrency,priv
99、acy these hot regulatory topics could well benefit from your experience and insights.Remember,regulators can feel as befuddled as anyone by the workings of cyber and tech.Shape guardrails.CISOCFOGCCISOIACROCOOCCOCISOCIORAGCPwC|2024 Global Digital Trust Insights18Providing you with around-the-clock e
100、yes is one benefit of automation,GenAI and managed services.Performing mundane chores so your teams dont have to is another.Free your teams for creative thinking(automation,GenAI,managed services).Cyber tops the risk register in most companies and on many executive surveys.But is it a staple topic i
101、n your boardroom?Are you getting quality information not on cyber risks and controls,but also on how major strategic initiatives are furthering business and revenue growth?Security provides Welcome cyber into the boardroom.the underpinnings for everything the organisation does:finance,development,pe
102、rsonnel,technology and other areas of the business you likely discuss every time you meet.Looking your cyber programme squarely in the eye can be a daring move.Business transformation is one thing.Cyber transformation is not another.They are the same.The CISO and CEO together need now embrace cyber
103、as a whole-of-business endeavor,putting yourselves in the business owners shoes.Wouldnt they want every aspect financial records,proprietary Think like the business owner.research,application development,customer data and the like protected from unauthorized viewing or use?Wouldnt they want to safeg
104、uard their brand?Couldnt cybersecurity spur innovations that save money and help the business to grow?This is the raison detre of cyber.Liberated from the tyranny of tedious tasks,your people may find time and space to ponder new cyber threats and create new ways to thwart evolving threats.CISOCIOCO
105、OCTOCROCISOBCEOCISOCEOAbout the survey The 2024 Global Digital Trust Insights is a survey of 3,876 business,technology and security executives(CEOs,corporate directors,CFOs,CISOs,CIOs and C-Suite officers)conducted in the May through July 2023 period.Four out of 10 executives are in large companies
106、with$5 billion or more in revenues.Importantly,30%are in companies with$10 billion or more in revenues.Respondents operate in a range of industries,including industrial manufacturing(20%),financial services(20%),tech,media,telecom(19%),retail and consumer markets(17%),energy,utilities,and resources(
107、11%),health(9%)and government and public services(3%).Respondents are based in 71 countries.The regional breakdown is Western Europe(32%),North America(28%),Asia Pacific(18%),Latin America(10%),Eastern Europe(5%),Africa(4%)and Middle East(3%).The Global Digital Trust Insights Survey had been known a
108、s the Global State of Information Security Survey(GSISS).In its 26th year,its the longest-running annual survey on cybersecurity trends.Its also the largest survey in the cybersecurity industry and the only one that draws participation from senior business executives,not just security and technology
109、 executives.PwC Research,PwCs global Centre of Excellence for market research and insight,conducted this survey.Sean JoyceGlobal Cybersecurity&Privacy Leader,US Cyber,Risk&Regulatory LeaderPwC US |LinkedInContact us to learn more 2023 PwC.All rights reserved.PwC refers to the PwC network and/or one or more of its member firms,each of which is a separate legal entity.Please see for further details.1811474-2023.