Breaking the illusion of cyber security
Even in the best of times companies continue to assess their risks in various business areas. Now that the global pandemic has moved more of our workplace interactions and communications online, the risks of cyber incidents are greater. In order to respond to these challenges KPMG in Jamaica has expanded its services offerings to provide Cyber security services.
With a growing emphasis on speed to market, many organizations have accelerated their roll-out of technology, but more than that, they have become acutely dependent on that technology and the infrastructure which supports our new world.
KPMG’s Global CEO Pulse Survey found that due to pervasiveness of technology, our lives are now interspersed with video conferences with colleagues, online team collaboration sessions and increased interactions through digital channels. These changes are likely to have some permanence as 61 percent of the executives surveyed said that they would continue to build on their use of these tools well beyond the global pandemic.
Expectedly, organized crime has shown agility and creativity in exploiting the fear, uncertainty and doubt that COVID has brought into our lives. We have seen business email compromise and ransomware attacks scale up as attackers exploit our remote working environments. On the other hand, nations have also been targeting weaknesses in technologies for cyber espionage.
So it comes as no surprise that cyber security risk tops CEOs’ concerns in KPMG’s Global CEO Pulse Survey — with the largest number of CEOs rating it as their greatest risk to organizational growth over the next 3 years.
While cyber security has remained a key risk area for several years, its relevance in the business world has never been more significant. But perhaps the more striking outcome of extreme digitalization is the realization and acceptance of cyber as a real business issue.
For many years, several executives have been carrying the impression that their corporations were more secure and better prepared to deal with a cyber incident than they really were. Looking at the survey results, I believe we are moving away from the illusion of security created by working in well-supervised buildings with security staff, access passes and CCTV. Instead, we are moving to a very different world of home computers, personal mobile phones and frequently unstable internet connections.
In this new world, cyber security becomes more personal. Not just for staff but also for senior executives whose world has changed and who are also perhaps more conscious than ever of the fragility of their digital infrastructure, both from work and personal perspectives.
The majority of senior executives (52 percent in the KPMG survey) say their companies expect to invest more in data security measures — topping the list of investment areas, closely followed by customer-centric technologies (such as chatbots), digital communications and artificial intelligence.
This isn’t just about investment; although it is welcomed and necessary, it is about the approach that organizations take to cyber security. I increasingly see cyber security being embedded into core business with greater executive engagement and accountability, linked to growing regulatory interest in cyber resilience and reinforced by recent high-profile incidents.
As organizations become digital businesses, many clients have realized that their long-term advantage resides in data and its utilization rather than in physical goods (as once believed). Many organizations are now creating chief data officer roles and strengthening privacy and information security governance.
As one of our key KIG Growth Initiatives (KGIs), our Digital client service offering has been expanded to include the delivery of accredited Cyber Security services to clients in the KIG through the recently launched KIG Cyber Delivery Centre in Jamaica which is being led by the new KIG Head of Cyber, Ravi Sankar. Ravi is a Principal in the Jamaican Advisory team and has over 15 years regional and international experience having worked in the Caribbean and Europe in the areas of Internal Audit, Business Development and Information Technology Security. In his recent role as Chief Information Security Officer for an international European firm, Ravi was responsible for developing recommendations to improve the clients’/firm’s internal control structure(s). Ravi will be supported by a local team and the wider KPMG Cyber Security professional team, providing KPMG clients across the KIG sub-region with cutting-edge tools and technologies from the Kingston-based Cyber Delivery Centre
The most successful organizations not only treat cyber security as key to their future success but also look to engender client and customer trust in their cyber resilience, in their protection of sensitive data, and in the transparency of their approach.
For me, that trust is becoming a defining theme for 2021, and effective cyber security implementation can play a vital and fundamental role in further building that trust in a digital world!
Global Cyber Security practice Co-leader, Head – Risk Consulting and Partner
KPMG in India