Cybersecurity comes of age as industries transform

• In cyber strategy: More business-driven, less on its own.
• In cyber budgeting: More aligned to the most important risks and better informed by risk quantification.
• In use of advanced technologies: Rationalized, more integrated and simpler, not one-off and fragmented.

• In resilience: Part of business-as-usual, not episodic.
• In people upskilling: Digital, business, and social acumen, not just tech.

Financial services focus on securing better customer experiences with advanced cyber defense and resilience

It’s no surprise that 51% of the global financial services (FS) executives who responded to our Global Digital Trust Insights Survey said they’re baking cybersecurity and privacy implications into business decisions and planning as a result of COVID-19. Slightly more than half plan to increase cyber budgets (57%) and headcount (53%) in 2021.

Many will continue to invest in advanced technologies, such as integrated cloud and network security. Automation is making it possible for FS firms to contain cybersecurity costs and improve cyber posture, according to 76% of the executives. They’re also making strides in unifying cyber risk reporting throughout the organization.

As the pandemic continues, the financial sector is racing to improve digital capabilities. Digital transformation helped firms adapt earlier this year, and it will be key to whatever comes next, likely adding more personalized, anytime-anywhere services for consumers. With this comes a shift toward permanent remote work, opening up the potential for new cyber threats. CISOs are expected by executive leaders to have a firm grasp on both securing the day-to-day needs of an huge critical infrastructure (as operational leader/master tactician) and shepherding their organization’s accelerated digitization plans (as transformational leader).

Resilience is a watch word in this industry: FS regulators and standard-setters are focused on helping — and compelling — financial institutions to enhance their resilience against disruptions and evolving threats in this still fragile economy.

Related insights:

Making remote work productive and secure
Business-led transformation in FS
Ten key points on operational resilience

Retail and consumer industry poised to build upon consumer trust earned during the pandemic

Retailers and consumer goods companies responded quickly as the content of our shopping carts changed and we shifted to contactless payments and deliveries during the pandemic. The share of digital customer interactions nearly broke the 60% mark, and it’s poised to continue climbing.

Forty percent of these industry executives are focused on accelerating digitization (e.g., e-commerce, direct-to-consumer) for growth. Every digital interaction that a customer experiences — from the first visit to the site to the completion of a purchase to post-purchase interactions — is being reimagined and viewed as a way to enhance brand.

With this, it’s not surprising that retail and consumer executives are more likely to say their cyber budgets will increase (59.3%) compared to the global average (55%) in 2021.

Importantly, almost 50% of the industry executives said they now bake cybersecurity and privacy implications into every business decision and into their planning. That’s a welcome change in cyber strategy. E-commerce is being made more secure, efficient and privacy-friendly. 

Here’s an important initiative for cyber and privacy teams to be part of: building a single 360° view of a consumer across all channels of interactions. That ambition runs on data — governed, discovered, protected and minimized in ways that consumers can trust. Industry leaders will make headway in coming years with new approaches to protect their customers’ dynamic digital identities as they build richer interactions with them.

Related insights: 

From data governance to data trust
2020 Holiday Outlook
Consumer companies must take leaps not steps

Energy and utility executives reset cyber strategy as the industry transforms

Half of the business and security/tech executives in the energy and utilities industry told us they believe that one of the pandemic’s most important legacies will be greater communication between CISOs and CEOs and/or boards. This welcome change is bolstered by a cyber strategy reset: Nearly half (45%) plan on baking cybersecurity and privacy implications into business decisions and a new process for cyber budgeting.

These improvements come at a propitious moment. The industry is at the front end of a momentous energy transition. Nearly 25% of these industry executives said they are redefining their core business models and organizations. They are decarbonizing the generation mix, embedding grid intelligence, redefining customer value propositions and elevating tech’s role in enabling energy supply, delivery and consumption.

Energy and utilities executives expect that attacks are very likely in 2021 via IoT-connected devices and components (32%) and through cloud service providers (30%). They are also concerned — more than all other sectors — about the significant negative impact these threats pose to their business. Nation-state threat actors and disruptionware attacks on critical business services are also a source of alarm. In fact, the security of the US power grid is considered in a state of national emergency, as underscored by a recent executive order banning the importation of bulk-power supplies from six foreign adversaries.

About 59% of CISOs expect an increase in their cyber budgets in 2021, while 48% plan on adding headcount.

Related insights:

The smart grid needs a smarter cyber strategy
Amping up innovation
Biden agenda and the energy and utilities industry