CEE findings from the 2023 Global Digital Trust Insights Survey

A C-suite united on cyber-ready futures

Cybersecurity has become a more dynamic field, rapidly adjusting and shifting to keep apace with business inventiveness. This agility is what’s needed for the tougher challenges ahead. How can all players continue to make a difference? Where should CISOs and cyber teams wield influence for the greatest effect?

We are excited to share the latest findings of our 2023 Global Digital Trust Insights Survey—reflecting the views of over 3,522 business, technology, and security executives (CEOs, corporate directors, CFOs, CISOs, CIOs, and C-Suite officers) across various industries around the world.

The Central and Eastern Europe (CEE) region continues to be in focus of leaders globally, as a hub for their cyber teams and operations, and a host region for many diverse stakeholders in cybersecurity. So we offer our traditional comparison of the CEE, EMEA and global numbers in this year’s DTI report.

It’s a bold new world in business - in CEE and globally

Today, business, security and IT leaders are driven by events that no one could have foreseen, and they have pushed themselves beyond their comfort zones—digital transformations, into the cloud, geopolitical, health and macroeconomic issues. With each new venture comes new cyber risks.

Good news: progress in cybersecurity since 2020

CISOs and cyber teams have risen to the challenge, and C-suites have joined forces with them. More than 70% of the 3,522 business and tech executives we surveyed globally saw improvements in their enterprise’s cybersecurity this year—thanks to cumulative investments and C-suite collaboration. CEE is following with a 10% on average lower mark per improvement area.

Cyber has progressed on many fronts. The biggest respective improvements in CEE have been recognised in the following areas: operational technology security, value and efficiency of cyber resources, helping the business design “security and privacy” into new products and services.

Question: Please indicate whether or not your organisation’s cybersecurity team has accomplished the following in the past 12 months.

Respondents who stated ‘Yes’

The goalposts keep moving, so there’s more work to do in mitigating cyber risks

Digitisation makes security everyone’s business. The future promises more connected systems and exponentially more data—and more organised adversaries. With ever expanding cyber risks, business leaders have much more work to do.

Of those surveyed, only 31% in CEE, 28% in EMEA and fewer than 40% globally feel very confident in their current mitigation of emerging risks. Senior executives worry that their enterprise isn’t fully prepared to address heightened threats.

Question: On a scale of 1 to 10, to what extent has your organisation mitigated the cybersecurity risks associated with each of the following in the last 12 months?

Respondents who stated at least ‘Moderately mitigated’ in CEE, EMEA & Global

Topping the 2023 list of rising organisational threats in CEE are cybercriminal activity (56%) and hacktivist/hacker (49%) for threat actors; and email (44%), users (38%), endpoints (35%), mobile, cloud, web applications (each 31%) and third-parties (30%) for pathways by which adversaries can gain access.

Question: For each of the threat actors below, which do you expect to significantly affect your organisation in 2023 compared to 2022?

Question: For each of the pathways by which adversaries can gain access to your systems, please select those that you expect to significantly affect your organisation in 2023 compared to 2022.

Half of the organisations in CEE and the majority of businesses globally are increasing cyber budgets

CISOs see the need to advance further on five cyber capabilities: identify, detect, protect, respond, recover. Accordingly, cyber budgets are expected to increase.

Half of the CEE executives surveyed said their organisations are continuing to increase their cyber budgets—48% plan to spend more on cyber in 2023. In EMEA, this number is 58%, and globally it is even higher—65% said their cyber budget will be increased. Increasing budgets reflect the fact that cybersecurity tops the agenda for resilience planning.

Question: How is your organisation’s cyber budget changing in 2023?

Global recession, a catastrophic cyber attack and an inflationary environment are top-3 scenarios in 2023 resilience plans in CEE

Impacted by digital transformation, a catastrophic cyber attack is a top scenario in 2023 resilience plans. Such an attack would surely put C-suite alliances to the test.

This scenario is almost the unanimous number one concern globally and in EMEA. It is also supported by PwC’s 25th Annual Global CEO Survey results, as CEOs globally rank cyber risks as the top threat to growth, with health risks close behind. At the same time, in CEE, a catastrophic cyber attack is second among top scenarios for resilience planning, following only a global recession, while being ahead of the inflationary environment, geopolitical situation and supply chain bottlenecks.

Question: Thinking about overall risks to your organisation over the next 12-24 months, please rank the top five scenarios that you are formally incorporating into your organisational resilience plans.

Increased exposure to cyber attacks is the highest impact faced by organisations (globally, in CEE and EMEA) in connection with increased digitalisation, such as migration to the cloud, moves to e-commerce and digital services, and convergence of IT and operational technology.

Question: Which of the following has your organisation experienced since 2020?

Summary

CEOs recognize that cyber is a business imperative—the one that the CISO cannot, and should not, tackle alone. CISOs are seizing the initiative to truly lead—to step out of their independent cyber-specialist role and into one of partnering with not just a few executives but the entire C-suite. Among them are executives responsible for the overall business (CEO), management oversight and governance (Board), technology infrastructure (CIO/CTO), cyber investments (CFO), operations and supply chain (COO), risk management (CRO), data (CDO/CPO) and human resources (CHRO). These collaborations have never been more critical.

For this reason, we are publishing our full report with the inclusion of a C-suite playbook on cybersecurity and privacy that features our latest findings, info on what lies ahead in 2023, and how executives can work together for cyber-ready futures.

*The 2023 Digital Trust Insights Survey report for CEE is based on a sample of respondents from the following CEE territories: Poland, Hungary, Bulgaria, Czech Republic, Slovakia, Romania and Serbia.

Available: C-suite playbook on cybersecurity and privacy as part of our full report

Sign up to get the full playbook to access more of the latest findings and what lies ahead for 2023.

Access the full report

If you have not already completed the survey, see how you stack up against your peers - right now

Leverage our cybersecurity and privacy benchmarking tool to gain real-time insights on how your organisation is performing.

Take the survey

Sign up for a further discussion

Fields marked with * are mandatory

Email Address *

First Name *

Last Name *

Company *

Title *

Country *

Please provide us details of your request

I would like to receive commercial information, in particular newsletters from CEE PwC Member Firms.

By submitting this form, you confirm that you have read and accepted the privacy policy. Data controllers of your personal data are CEE PwC Member Firms as joint controllers.

address1