The global COVID-19 pandemic has evidently expedited the use of digital tools in business and the home. We can all agree that 2021 was a challenging year as many organizations had a hard time adapting to the new cybersecurity situation. The pandemic has also shown us just how interconnected all businesses are and how increased digitalization has driven the global population onto a new set of cyber threats and attacks. Complacency is therefore not an option if you plan to survive and thrive in 2022. The sooner we can start adapting new strategy, policies, and technologies, the better off everyone will be in the long run.
In this blog, we talk about some of the critical findings in the Global Cybersecurity Outlook 2022 published by the World Economic Forum’s Centre for Cybersecurity. These were collected from more than 120 global cyber leaders who gave their insights on how to shift from cybersecurity to cyber resilience.
Addressing Gaps in Cyber Resilience
1. Prioritizing cyber in business decisions
- 92% of business executives surveyed agree that cyber resilience is integrated into their respective enterprise risk management strategies.
- Only 55% of security-focused executives surveyed agree with the statement.
2. Gaining leadership support for cybersecurity
- 84% of respondents say cyber resilience is considered a business priority in their organization with support and direction from leadership.
- 68% see cyber resilience as a major part of their overall risk management.
Owing to this misalignment, many security leaders still express that they are not consulted in business decisions, which can hamper identification and mitigation of security risks and result in less secure decisions. Cybersecurity is still an afterthought in too many organizations.
3. Recruiting and retaining cybersecurity talent
What cyberattacks are organizations most worried about?
- 59% of the respondents would find it challenging to respond to a cybersecurity incident owing to the shortage of skills within their team.
- While majority ranked talent recruitment and retention as most challenging, business executives appear less acutely aware of the gaps than their security-focused counterparts, who perceive their ability to respond to an attack with adequate personnel as one of their main vulnerabilities.
- More than 50% of respondents indicated that ransomware was one of their biggest concerns when it comes to cyberthreats.
- In addition, 80% stressed that ransomware is a dangerous and growing threat to public safety. Ransomware attacks are increasing in frequency and sophistication and were followed by social engineering attacks as the second-highest concern for cyber leaders.
- Number three on this list is malicious insider activity. A malicious insider is one of an organization’s current or former employees, contractors or trusted business partners who misuse their authorized access to critical assets in a manner that negatively affects the organization.
Although there are many factors that influence cybersecurity policies, most respondents (81%) said digital transformation is the main driver in improving cyber resilience. A high percentage (87%) of executives are planning to progress cyber resilience by strengthening resilience policies, processes, and standards for how to engage and manage third parties.
Cyber Resilience of Small and Medium Businesses
- 88% of respondents indicated that they are concerned about the cyber resilience of SMBs in their ecosystem.
- Almost half (48%) of respondents believe that automation and machine learning and 28% see that remote/hybrid work environment will introduce the biggest transformation in cybersecurity in the next two years.
Given the current state of businesses all over the world, we can therefore conclude that cybersecurity is not a separate technology, but rather a priority of the systems spanning technology, people, and processes. The ongoing shift from cybersecurity to cyber resilience is an important step towards a more trustworthy and sustainable future. Incorporation of cybersecurity and breaking down siloes both within and between organizations to improve cyber resilience is vital in assuring that we maintain a trusted, secure, and protected digital environment.
Read more about the Global Cybersecurity Outlook 2022 here.