If cyber security was earning heightened interest at the board and c-suite levels prior to the pandemic, its urgency only increased when the global pandemic was declared. Organizations quickly realized the immediate need to digitally transform every part of their business, whether to serve customers, preserve supply chains or enable newly remote workforces.
In this high-pressure environment, many organizations responded with impressive agility rethinking their operating and delivery models, embracing digital transformation that might otherwise have taken years to implement. Of course, organized crime responded by refocusing their attacks, often taking advantage of new gaps in an organization’s security measures and playing on the fears of citizens over COVID-19.
Unfortunately, just as these cyber risks are rising, companies may face economic hardships which drives them to contemplate cutbacks to their security budgets. They make these decisions at a time when building digital trust, with customers, partners and government, is critical to their survival and success.
In addition to the way organizations have changed course in response to shifting winds, I think of the way communities have responded to today’s new cyber realities. Suddenly, the lines between work and home have blurred, with many parents working from home and sharing screen time with family, juggling school, social and commerce activities online. Although most organizations have no doubt experienced ‘bumps’ during this transition, it’s impressive how they can embrace technology-enabled alternatives. And, learn to do so safely.
October was International Cyber Security Awareness Month, it reminded me of the importance of helping diverse spheres of our society — from children, to parents/guardians, to consumers to office workers — learn to manage new cyber security and online risks. For several years, KPMG has hosted KPMG Global Cyber Day, including classroom outreach by our cyber security professionals with students, teachers and parents, and actionable lessons to help community members safely manage personal data, social media, cyber bullying and other timely issues.
Naturally, this year we have had to move our efforts online, primarily through social media and our cyber awareness websites. However, it’s terrific to see how the public has responded to these initiatives and taken steps to protect themselves, their homes and loved ones, as they expand their use of digital technologies. Our Be cyber smart page, shares advice on starting good conversations, evaluating risks, setting rules and adopting best practices. These principles have proven effective in driving cyber smart behaviors in the community, and of course they are equally valid for organizations helping their employees stay safe.
Now more than ever, retaining our focus on the cyber security of our increasingly interconnected world is critical. And, I’m confident we can do it! But it does require organizations to change the way they approach cyber security.
In recognition of the difficult challenges organizations have been faced with, we recently published a new report, All hands on deck: key cyber considerations for a new reality. We identified eight core themes, to help organizations focus on the most urgent issues:
Although the above ‘to do list’ for organizations might seem intimidating, it’s reassuring to think in terms of how much change we have all absorbed to date, in such a short time.
We have the power in our own hands to adapt to these new realities — whether we’re a parent or guardian trying to understand the scope of our child’s online life, or a CISO trying to steer their organization towards a more secure, resilient and flexible state during digital transformation. By breaking it down, setting priorities and drawing upon trusted resources, we can each rise to the challenge, and protect and enable what is most important to us and the community in this new reality.
Throughout this blog, “we”, “KPMG”, “us” and “our” refers to the global organization or to one or more of the member firms of KPMG International Limited (“KPMG International”), each of which is a separate legal entity.