Deloitte Move Cyber From Threat Assessment To Growth Enabler
December 26, 2022
2023 Global Future of Cyber survey,
which found that cyber is more than just technology-focused—it
is foundational to an organization’s growth strategy. This
year’s report polled more than 1,000 leaders across 20
countries—Deloitte Global’s largest cyber survey to-date—to get
a clearer picture of where cyber stands and where cyber is
"This year’s report shows how cyber is now woven more tightly into business operations, outcomes, and opportunities. Chief information security officers (CISOs) are most successful when they are connectors across their organization, focused on enabling their organization’s highest business priorities,” says Emily Mossburg, Deloitte Global Cyber Leader. "Cyber has become an enabler for business and embedding it into all business practices has shown nothing but success. Advancing cyber will only become more critical as the global economy faces a potential downturn and businesses navigate a looming recession."
Understanding cyber maturity and identifying high-performing cyber organizations are critical in setting the stakes for other organizations. By separating high-cyber-maturity organizations from their medium- and low-cyber-maturity counterparts, the report identifies a distinct class of cyber leaders and more fully demonstrates the extent to which cyber underpins business success and value.
To define cyber maturity, Deloitte identified three sets of
leading practices to rate organizations—cyber planning, key
cyber activities, and board involvement. The report segments the
organizations into three groups—low-, medium-, and
high-cyber-maturity—by assigning point values to each set of
Global industries continue to navigate constant disruption propelling leaders to adjust their priorities and business initiatives to consider the latest technologies, while also working with extended ecosystems to develop solutions—including data protection and privacy, cyber cloud, infrastructure security, and application security.
Cloud is now the number one digital transformation priority for leaders, up from the number two spot in 2021, displacing data analytics.
5G, a newcomer, takes a spot within the top five priorities for businesses, reflecting the growing role of the technology within business ambitions and proving that, while 5G can enable new business models like telemedicine and asset tracking in manufacturing, it also expands the attack surface continuing the need to embed cyber at the start.
Highly mature companies saw 30%+ more value from third-party cyber services such as cyber strategy, data protection and privacy, cyber cloud, infrastructure security, and application security.
76% of respondents reported use of automated behavior capabilities to detect and mitigate cyber risk, compared to 53% in 2021.
Cyber planning and talent can bring innovative solutions that
support future business models and identify unforeseen
High-cyber-maturity companies (60%) are three times as likely as low-cyber-maturity organizations (20%), and twice as likely as medium-cyber-maturity organizations (30%) to conduct incident-response scenario planning at the organizational and/or board level.
70% of respondents reported cyber was regularly on their board’s agenda, suggesting that cyber is evolving into a distinct functional area of the business.
A lack of skilled cyber professionals is reported to be a top challenge in managing cyber, according to 47% of high-cyber-maturity organizations, suggesting that organizations appreciate the importance experienced talent can bring to cyber efforts.
“With cyber threats growing and advancing around the globe,
there is no architecture or approach that can guarantee absolute
security and risk mitigation,” adds Mossburg. “We’re now seeing
cyber transcend its traditional IT roots and become an essential
part of future-proofing businesses—which will be critical in the
year ahead as digital transformation continues to be a top