While great strides have been made, Irish firms can do better to stop the cyberattackers compared to global peers. For example, better allocation of budgets to the right risks, accelerating digitisation, strengthening cybersecurity defenses and responding more quickly to cyber-incidents. Less than half of Irish survey respondents plan to increase resilience testing to prevent the most disruptive cyberattack. These are some of the key findings from PwC's research: Global Digital Trust Insights 2021: Cybersecurity comes of age launched in Ireland today.
The report is based on research amongst over 3,200 business and technology executives from around the world including in Ireland and reveals insights into what's changing and what's next in cybersecurity. This press release deals with the Irish results including how Ireland compares to global peers.
An overwhelming 96% of the Irish respondents said that they have shifted their cybersecurity strategy due to COVID-19. Nearly half (47%) said that they are now more likely to consider cybersecurity in every business decision; a similar proportion (43%) confirmed that COVID-19 will result in better quantification of cyber-risks.
However, to achieve digital aspirations, Irish respondents are less focused on doing things faster and more efficiently (20%) and speeding up automation to cut costs (30%) compared to global peers (Global: 29% and 35% respectively). Just 27% say they have significantly improved customer experiences (Global: 45%) as part of their cybersecurity progress. In addition, just three out of ten (30%) stated that there is likely to be more frequent interactions between their Chief Information Security Officer and CEO or Board (Global: 51%).
Pat Moran PwC Ireland Cyber Practice Leader said: "Given the unprecedented impacts of COVID-19, many organisations have had to rethink and reframe their cybersecurity strategies. While great strides are being made, the survey also suggests that more can be done by Irish firms compared to their global peers, particularly, to speed up automation and achieve efficiencies. It is also important that the head of information security is in regular communication with the CEO and board to balance the technology and business requirements of any cyber-strategy."
With a significant number of cybersecurity jobs to be filled in Ireland in 2021, a key challenge plaguing the cybersecurity industry is a lack of skilled people. At the same time, just under a third (30%) of Irish respondents plan to add full-time cybersecurity personnel over the next year compared to 51% globally.
The top cybersecurity roles Irish executives are looking to fill include: cloud solution architects (50%), collaboration (50%), digital design (47%), security intelligence (43%) and data analysis (40%).
An alternative that many organisations have used to fill cyber-job vacancies is upskilling, increasing and broadening existing employees' skills. The research suggests that more Irish firms may be opting for this route to plug the skills gap. We also see some organisations relying on managed services to fill the acute need for specialist talent and advanced technologies.
More than half (55%) of respondents state that their cyber budget will increase in 2021. While a larger budget for cybersecurity is good news, the industry should expect changes in the way these budgets are being managed. 60% of executives lack confidence that their cyber spending is allocated towards the most significant risks of their organisation (Global: 55%). Nearly four out of ten (37%) say that they're thinking about changing their budgeting process (Global: 44%).
At the same time, less than a third (30%) strongly agree that quantification of cyber risks can significantly improve the way they manage spending against risks (Global: 37%). Just over one in ten (13%) strongly agree that their organisation can strengthen its cybersecurity defenses while containing costs (Global: 34%).
Innovation and technology are changing the way organisations around the world are leveling the playing field against cyberattackers. However, less than one in three (30%) Irish executives said that COVID-19 has accelerated digitisation (Global: 40%). A similar proportion (30%) confirm that they have made significant progress in responding more quickly to cyber-incidents and disruptions (Global: 44%).
The top outcomes desired as a result of increased investment in cybersecurity over the next two-three years, according to Irish respondents, are: improved confidence of leaders' ability to manage threats, lower cost of compliance and improved customer experience. The prevention of successful attacks and faster response times to disruptions was of greater focus globally than in Ireland.
The survey found that executives from large organisations ($1 billion plus) are more likely to report benefits from making a strategic shift to advanced technologies and restructuring security operations.
Since the pandemic, around the world we've seen a surge in intrusions, ransomware, data breaches and phishing. Still less than half (43%) of respondents said that they plan to increase resilience testing to ensure critical business services will function even if the most disruptive cyber event occurs.
The Internet of Things (IoT), mobile, cloud-service providers and other third parties top the list of 'very likely' root causes of cyberthreats in the year ahead. However, cyberattacks on cloud services top the list of threats that will have a 'significant negative impact'.
Pat Moran concluded: "Irish firms have made progress in terms of modernising their capabilities and realigning their cyber-strategy in their efforts to beat the cyberattackers. But the survey suggests that compared to global peers Irish firms should place a greater focus on investing in technologies and strengthening their cyber-defenses to make a more meaningful headway against cyberattackers. Leading cybersecurity teams have a threefold mission: build trust, build resilience,and accelerate innovation."
PwC today launches its latest Digital Trust Insights analysis in Ireland: Global Digital Trust Insights 2021: Cybersecurity comes of age revealing insights into what's changing and what's next in cybersecurity. The report is based on research amongst 3,249 business and technology executives from around the world including Ireland. Executives surveyed included CEOs, corporate directors, CFOs, chief security officers, chief information officers and C-suite officers.
At PwC, our purpose is to build trust in society and solve important problems. We're a network of firms in 155 countries with over 284,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at pwc.com.
PwC refers to the PwC network or one or more of its member firms or both, each of which is a separate legal entity. Please see pwc.com/structure for further details.
© 2021 PwC. All rights reserved