The former racing driver Mario Andretti famously said: “It’s amazing how many people think that brakes are for slowing the car down.” And he was right — brakes are for making the car go faster, safely. Which I feel perfectly sums up the role of cyber security in today’s organizations: to enable them to enjoy the fullest benefits of digital transformation, while managing the many risks.
COVID-19 has magnified both the opportunities and threats of digitization. Organizations have made incredible strides in remote working and collaboration for employees, as well as improving digital customer experience. But this has also reminded us that physical perimeters no longer exist. With increasing reliance on third parties, and the proliferation of Internet of Things (IoT) and other devices, cyber security now involves complex ecosystems with a dramatically increased threat potential.
In a marketplace where speed to market is essential, cyber security teams are now responsible for building trust and resilience, by forging a pragmatic security culture and helping embed secure by design thinking into every aspect of digital infrastructure and data. To do this, they must see themselves as enablers and facilitators, helping others deliver services and brands that deserve cyber trust among customers, employees and society at large.
To find out more about how cyber security roles are evolving, KPMG professionals spoke to a number of Chief Information Security Officers (CISOs) from major organizations, from a wide range of industries and regions, as well as to KPMG’s cyber security specialists from around the world. From these insights we have identified the seven actions that CISOs should take to help keep organizations resilient and competitive. We invite you to explore these actions and encourage you to contact us to learn more.