KPMG’s latest survey has revealed that UK CEOs are waking up to the very real and increasing threat of cyber attacks, with four in ten convinced their organisation will be targeted at some point in the future. The survey also found UK business leaders believe a strong cybersecurity strategy is critical to engender trust with key stakeholders, with 74% agreeing it is an enabler of trust, in comparison to only 55% of global CEOs.
However, in light of GDPR, it is worrying that only 40% of UK CEOs believe customer data protection is one of their most important personal responsibilities in enabling long-term growth of the customer base. This increasing awareness of cyber threats comes as no surprise considering at the start of this year the head of the National Cyber Security Centre, Ciaran Martin, warned that UK infrastructures and businesses will face a significantly increased cyber threat in 2018.
Furthermore, over the past few months, there has been an assortment of high-profile data breaches, cyber attacks, IT failures and incidents of data misuse, which undoubtedly have influenced this viewpoint. This changing outlook was revealed when 150 of the UK’s biggest businesses leaders and a further 1,150 CEOs from across the world were surveyed by KPMG about their future investment plans and the challenges and opportunities facing their companies.
CEOs Investing and Planning Ahead Against Attacks
Neil Coutts, head of Cyber Security and Technology Risk for KPMG in Scotland, said: “The seeming inevitability of a cyber attack crosses all borders and is increasingly a standing board agenda item. We are seeing business investing in both protecting themselves from a cyber attack and planning for the response to and recovery from an attack.”
“It is reassuring that UK CEOs see the value in having a robust cybersecurity strategy which enables trust. The reality is that without trust, customers are more likely to be resistant to sharing personal information, potentially undermining business models and strategies. Businesses need to turn privacy into a source of competitive advantage which will enable long-term growth of the customer base.”
“It’s encouraging to see that CEOs are developing a more mature understanding of what cyber security actually means. Helped by non-executive directors (NEDs), they are beginning to ask more awkward and searching questions of their IT teams: what are the challenges that face us speciﬁcally, what risks are we carrying, what do we need to be resilient to a cyber-attack?”
“Organisations are spending more time planning for worst case scenarios, running simulations and planning in detail more time planning for worst case scenarios, running simulations and planning in detail about how they would deal with the consequences of a cyber attack.”