Why cyber resilience is key to accelerating and safeguarding critical change

Unlocking growth amid disruption

Cyber resilience needs to sit at the heart of this reinvention. Organisations must stay ahead of - not just respond to - increasingly complex and high impact cyber risk if they are to securely and safely unlock greater value from their data, using technologies such as cloud and generative AI (GenAI).

The positive news is that more than half of UK CEOs (53%) are stepping in and taking personal responsibility for driving change across the organisation - from appointing dedicated transformation leaders and teams to reallocating capital to transformation projects and raising additional funding for them. But cyber security must also be driven from the top, across the entire organisation.

The technology transformation opportunity - and risk

Much of the essential change that organisations are pursuing can only be achieved by more effective use of technology. Some 87% of UK CEOs say they have recently completed or are currently running, or planning, at least one transformative IT project, and more than three-quarters (76%) say they will invest in cloud infrastructure and data and AI this year.

But this growing reliance on technology increases the potential and severity of technology-related risks such as data loss, regulatory compliance failures and catastrophic cyber attacks.

Cyber risk ranked second behind only inflation when respondents to our Global Risk Survey (GRS) 2023 were asked which risks they feel highly or extremely exposed to in the next 12 months. And the evolving and wide-ranging nature of cyber threats is evident from our 2024 Digital Trust Insights (DTI) survey.

The scale and cost of cyber attacks is also increasing, with more than a quarter (28%) of UK DTI respondents saying their most damaging breach in the last three years cost between $1m and $9m, and 17% putting that figure at between $10m and $19m.

The fine balance between technology opportunity and risk can perhaps be seen most starkly with the rapid rise of GenAI, underscoring the critical importance of cyber security to the safe adoption of emerging technology.

Closing the cyber resilience gap

Yet despite the criticality of greater cyber resilience to successful transformation, many organisations still have significant gaps between their ambitions and action. Take cloud, where only a quarter (24%) of UK respondents to the DTI survey say they are prioritising cloud security when allocating their cyber security budget in 2024 despite cloud being ranked the top cyber threat.

Cloud security risks

^{Q: To what extent has your organisation addressed the following challenges with your cloud service provider(s)? (Source: 2024 Digital Trust Insights survey UK respondents, PwC)}

Technology complexity is also a challenge. Just under half (45%) of UK respondents to the DTI survey say they use cyber security technology from multiple providers, with plans to integrate it in the next two years. And only half are ‘very satisfied’ with their technology capabilities in key cyber security areas. As a result, only around a quarter of UK organisations say they are consistently achieving (between 81%-100% of the time) key cyber security activities.

The cyber talent challenge and the growing role of managed services

Attracting, retaining and upskilling the cyber talent needed to securely deliver this transformation is a major challenge for many organisations. The majority of UK CEOs (78%) in our UK CEO Survey report some extent of skills shortage within their organisation, and 68% specify a lack of tech capabilities in inhibiting their ability to transform.

Most organisations will not be able to build the cyber skills and tech capabilities needed internally and more than half (57%) of UK respondents to our DTI Survey say that rebalancing between in-house and outsourced or managed services is a top priority over the next 12 months. Just over a quarter (27%) of UK DTI Survey respondents also say managed security services is a priority investment when allocating their organisation’s cyber budget in the next year, while 30% say they are implementing or planning to implement cyber managed services in new areas such as security operations.

From threat to opportunity - changing the way we see cyber risk

By building greater cyber resilience, organisations can take a more informed and confident approach to digital transformation and be alive to the cyber risks, so they can better understand, manage and mitigate them.

This can be seen with the top performing 5% of organisations revealed as ‘stewards of digital trust’ in our DTI survey. These organisations are experiencing fewer breaches, and the attacks that do hit them aren’t as costly. Navigating risk is easier because they’ve streamlined their cyber security solutions. And they’ve positioned themselves for greater productivity and faster growth, outpacing the competition as they plunge into new technologies with confidence that they are well protected.