In a wide-ranging survey, ransomware and business email compromise attacks also predicted to go up
Over half of respondents (59%) expect their cyber security budgets to increase
Cloud related risks top the list of cyber security concerns that UK senior executives say will have a significant impact on their organisations in 2023, according to PwC's annual Digital Trust Insights. The research is based on an extensive survey of global and UK business leaders looking at key cyber security trends for the year ahead. Some 39% of UK respondents say they expect cloud-based risks to significantly affect their organisation in 2023, more so than cyber risks from other sources such as laptop/desktop endpoints, web applications and software supply chain.
A third (33%) of respondents expect attacks against cloud management interfaces to increase significantly in 2023, while 20% say they expect attacks on Industrial Internet of Things (IIoT) and operational technology (OT) to significantly increase in the next 12 months.
However, long-standing and familiar cyber risks remain on the horizon in 2023, highlighting the challenge facing businesses. Just over a quarter (27%) of UK organisations say they expect business email compromise and ‘hack and leak’ attacks to significantly increase in 2023, and 24% say they expect ransomware attacks to significantly increase. Nevertheless, cyber security budgets will rise for many organisations in 2023, with 59% of UK respondents saying they expect their budgets to increase.
Richard Horne, Cyber Security Chair, PwC UK said: “In part the increase in cloud-based threats is a result of some of the potential cyber risks associated with digital transformation. An overwhelming majority (90%) of UK senior executives in our survey ranked the ‘increased exposure to cyber risk due to accelerating digital transformation’ as the biggest cyber security challenge their organisation has experienced since 2020.
“However, these digital transformation efforts - which include initiatives such as migration to cloud, moving to ecommerce and digital service delivery methods, the use of digital currencies and the convergence of IT and operational technology - are critical to future-proofing businesses, unlocking value and creating sustainable growth.”
Around two-thirds of UK senior executives say they have not fully mitigated the cyber risks associated with digital transformation. This is despite the potential costs and reputational damage of a cyber attack or data breach. Just over a quarter (27%) of global CFOs in the survey say they have experienced a data breach in the past three years that cost their organisation more than $1 million.
Cyber attack now seen as the biggest risk to organisations
The C-Suite is becoming more aware of how these complex cyber threats and the potentially damaging impact of them can pose a major risk to wider organisational resilience. Just under half (48%) of UK organisations say a “catastrophic cyber attack” is the top risk scenario, ahead of global recession (45%) and resurgence of COVID-19 (43%), that they are formally incorporating into their organisational resilience plans in 2023. This echoes the findings of PwC’s 26th annual CEO Survey, where almost two-thirds (64%) of UK CEOs said they are extremely or very concerned about cyber attacks impacting their ability to sell products and services.
Bobbie Ramsden-Knowles, Crisis and Resilience Partner, PwC UK said: “The potentially destructive impact of cyber threats such as ransomware have significant implications for the wider resilience of whole organisations. Only by taking a more strategic approach to resilience across high impact and increasingly plausible threats can organisations protect what matters most to business survival, reputation and ultimately build trust.”
ENDS
Notes to editors
About the survey
The PwC Global Digital Trust Insights Survey questioned more than 3,500 senior business and technology executives around the world in July and August 2022 - from CEOs and CFOs to CIOs and CISO - including 249 in the UK. Find out more here: https://pwc.to/3YsIdmX
About PwC
At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 155 countries with over 327,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com.
PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.
© 2023 PwC. All rights reserved