Companies globally could incur NZ$8 trillion in additional costs and lost revenue over the next five years due to cyber attacks, as dependency on complex internet-enabled business models outpaces the ability to introduce adequate safeguards that protect critical assets, according to a new report from Accenture.
Based on a survey of more than 1,700 CEOs and other C-suite executives around the globe, the report - Securing the Digital Economy: Reinventing the Internet for Trust - explores the complexities of the internet-related challenges facing business and outlines imperatives for the CEO's evolving role in technology, business architecture and governance.
The report notes that cybercrime from a wide range of malicious activities poses significant challenges that can threaten business operations, innovation and growth, and the expansion into new products and services, ultimately costing companies trillions of dollars.
The high-tech industry faces the highest risk, with more than US$753 billion hanging in the balance, followed by the life sciences and automotive industries, with US$642 billion and US$505 billion at risk, respectively.
“Internet security is lagging behind the sophistication of cyber criminals and is leading to an erosion of trust in the digital economy,” says Accenture communications, media and technology operations group global lead Omar Abbosh.
“Strengthening internet security requires decisive - and, at times, unconventional - leadership by CEOs, not just CISOs. To become a cyber-resilient enterprise, companies need to start by bringing CISOs' expertise to the board, ensuring security is built-in from the initial design stage and that all business managers are held responsible for security and data privacy.
Among the key findings, four in five respondents (79%) believe that the advancement of the digital economy will be severely hindered unless there is dramatic improvement to internet security, and more than half (59%) of respondents said the internet is getting increasingly unstable from a cybersecurity standpoint and they are unsure how to react.
At the same time, three-quarters (75%) of respondents believe that addressing cybersecurity challenges will require an organised group effort, as no single organisation can solve the challenge on its own. With heightened concerns about internet security, more than half (56%) of executives would also welcome stricter business regulations imposed by a central organisation or governing body.
“The internet wasn't built with today's level of complexity and connectivity in mind, which is why it takes just one click - whether inside or outside the company walls - to fall prey to a devastating cyber attack,” says Accenture security senior managing director Kelly Bissell.
“No organisation can tackle the challenges posed by cyber threats on its own; it's a global challenge that needs a global response, and collaboration is key. To shape a future that thrives on a strong and trustworthy digital economy, senior executives need to look beyond the bounds of their organisation, team with an ecosystem of partners, and secure their entire value chains - across every partner, supplier and customer.
The rapid emergence of new technologies is creating additional challenges, as four in five respondents (79%) admit that their organisation is adopting new and emerging technologies faster than they can address related cybersecurity issues, with three-quarters (76%) noting that cybersecurity issues have escaped their control due to new technologies such as the internet of things (IoT) and the industrial internet of things (IIoT).
A majority (80%) also said protecting their companies from weaknesses in third parties is increasingly difficult, which isn't surprising given the complexity of today's sprawling internet ecosystems.
Also, on the minds of many senior executives: consumer data protection. Fueled by security concerns, 76% of respondents believe that consumers can't trust the safety of their online identities when too much of their personal data is already available without restrictions.
The study outlines three actions that CEOs and other C-suite leaders can take to help improve the safety of the internet:
Join forces with other companies and govern globally – Step up efforts to collaborate with other top executives, government leaders and regulators to better understand how to prevent new cyber attacks.
Connect and protect with a model run on digital trust – Become brilliant at the basics of cybersecurity. Fully protect business across the entire ecosystem of partners and supply chains.
Advance businesses and enhance safety – Embrace new technologies, master IoT security, and prepare for the quantum challenge. Ensure that software security and update functions are embedded into mobile and IoT devices from the initial design.