Poor cyber security puts revenues and reputations at risk, which is why it should be such a high priority for the whole C-suite.
Cyber risk can evolve quickly into regulatory, legal and reputational risk. Following a few key principles, can help boards and C-level leaders gain confidence that their business has the right defences in place.
Business leaders are losing sleep over cyber risk with these issues now sitting at the top of CEOs’ ranking of global risks - with 72% afraid their firms are not fully prepared for cyber events.
This figure is hardly surprising, every company is now a cyber company. Technology is increasingly embedded in products and customer relationships and is creating endless links with companies’ suppliers and service providers. That level of connectivity will only grow as businesses take advantage of big data, artificial intelligence (AI) and other aspects of the ‘fourth industrial revolution’.
Cyber security is therefore vital to today’s businesses – both in terms of risks and opportunities. On the downside, cyber risk is contagious and fast-moving. It can evolve rapidly into regulatory, legal and reputational risk. That, in turn, can pose unpredictable threats to a firm’s revenues and strategy and even, at worst, its very survival. Increasing connectivity also widens a firm’s attack surface and can end up reducing security to the lowest common denominator in its supply chain.
But, there is plenty of upside too. Cyber security is also integral to a company’s growth. Those that manage cyber risks well tend to have greater confidence and ambition. Some 88% of CEOs say they see security as a driver of innovation. And, it is also closely tied to customer loyalty and trust – invaluable assets in a digital world.
Given the scale of these risks and opportunities, cyber security has emerged as a board level issue. In fact, there is probably no other operational matter with the same potential to affect a company’s growth, reputation, innovation and investor relations. Board and C-level leaders don’t need to become technology experts. But, they do need to understand that cyber security is their responsibility and ensure appropriate measures are in place.
When it comes to cyber security, we believe there are four golden rules which companies should follow.
Scroll down to continue reading...
Every single aspect of today’s business environment now relies on powerful cyber security. It’s no longer a purely technological issue and companies should place it at the very top of their business agenda.
© 2020 KPMG LLP a UK limited liability partnership and a member firm of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.
For more detail about the structure of the KPMG global organisation please visit https://home.kpmg/governance.