How C-Suite Can Turn Cybersecurity Into A Competitive Advantage
Companies are more connected to their customers now than ever before. Thanks to digital transformation, organizations today are more agile, flexible, efficient, and customer centric. However, with greater access to customers comes an equal measure of increased cybersecurity threats.
One sees the havoc that a data breach can wreak upon a brand; hackers are the modern-day David to the Goliaths of the Fortune 1000 world. As a result, we a fundamental shift in management philosophy around the role that information security plays across organizations. The savviest leaders have shifted from a defensive to offensive position and are turning cybersecurity into a competitive market advantage.
A survey of C-Suite executives to measure leadership sentiment around information security, its costs and business impacts was conducted. Around 263 senior leaders at organizations primarily with revenue in excess of 1 billion USD/EUR/GBP from around the world were approached. Respondents represented 30% financial services, 21% retail/hospitality, 21% telecom/service provider, 7% manufacturing/distribution, 7% computer products/services, 6% business services/consulting, and 9% other.
The report highlights:
- Increased sophistication of management philosophy for information security and security strategy.
- While responsibility for cybersecurity continues to be spearheaded by the CIO and CISO, it is also being shared throughout the entire C-Suite.
- 72% of executives responding claimed that it’s a topic discussed in every board meeting.
- 82% of responding CEOs reported high levels of knowledge around information security, as did 72% of non-technical C-Suite titles – an all-time high!
- Security issues now influence brand reputation, brand trust, and consumer trust, which forces organizations to infuse information security into core business functions such as customer experience, marketing and business operations.
All with good reason. The average cost of a cyberattack is now roughly $4.6M, and the number of organizations that claim attacks cost them more than $10M has doubled from 2018 to 2019.
Customers are quite aware of the onslaught of data breaches that have affected nearly every industry- from banking to online dating throughout the past ten years. Even though many governments have passed many laws to protect consumers against misuse of their data, such as GDPR, CASL, HIPPA, Personally Identifiable Information (PII), etc., companies still can’t keep up with the regulations.
Case in point:
- 74% of European executives report they have experienced a data breach in the past 12 months, compared to 53% in America and 44% in APAC
- Half (52%) of executives in Europe have experienced a self-reported incident under GDPR in the past year.
Consumer confidence is at an all-time low. These same customers want to understand what companies have done to secure their products and services and they are willing to take their business elsewhere if that brand promise is broken. Customers are increasingly taking action following a breach.
Reputation management is a critical component of organizational management. Savvy leaders recognize the connection between cybersecurity and reputation management and subsequently adopted information security as a market advantage.
How Do Companies Start to Earn Back Trust?
Leaders today do recognize that cybersecurity must become part of the brand promise. The research shows:
- 75% of executives claim security is a key part of their product marketing messages
- 50% of companies surveyed offer dedicated security products and services to their customers.
- Additionally, 41% offer security features as add-ons within their products and services and another 7% are considering building security services into their products.
Balancing Cybersecurity Concerns with Deployment of Private and Public Clouds
Digital transformation drove a mass migration into public and private cloud environments. Organizations were wooed by the promise of flexibility, streamlined business operations, improved efficiency, lower operational costs, and greater business agility. Rightfully so, as cloud environments have largely fulfilled their promises.
However, along with these incredible benefits comes a far greater risk than most organizations anticipated.
- 54% respondents shared that improving information security was one of their top three reasons for initiating digital transformation processes
- 73% of executives indicated they have had unauthorized access to their public cloud assets.
What is more alarming is how these unauthorized access incidents occurred
The technical sophistication of the modern business world has eroded the trust between brands and their customers, opening the door for a new conversation around security. Leading organizations have already begun to weave security into the very fabric of their culture – and it’s evidenced by going to market with secure marketing messages, sharing responsibility for information security across the entire leadership team, creating privacy-centric business policies and processes, making information security and customer data-privacy part of an organization’s core values, etc.