Digital ecosystems sit at the heart of global commerce, and have been instrumental in our adjustment to COVID-19.
Workforces shifting to remote environments, and increased reliance on technology, have forced comprehensive adoption and integration of technologies into personal and working lives. Such rapid and widespread implementation is, however, fraught with risk. As their digital capabilities grow, resilient businesses must also build trust in those capabilities.
6 in 10
G20 companies are experiencing a heightened level of threat from insiders
Across G20 respondents, an estimated
of revenue was lost as a result of cyber attacks in 2020
THE DIGITAL THREAT LANDSCAPE
The accelerating rate of change in digitisation is happening in parallel with a broadening of the cybersecurity threat. Organisations are facing risks from nation states, organised criminal groups, “hacktivist” campaigns and terrorists. 60% of business leaders said they are concerned by the prospect of nation state cyber attacks in 2021.
On the other end of the cyber risk spectrum are insiders. Prior to the pandemic, insider threats posed significant risks to all organisations. However, as working remotely quickly became the norm, this risk increased. As a result of COVID-19, 60% of G20 companies are experiencing a heightened level of threat from insiders.
Cybersecurity is moving even more to the forefront of corporate agendas. Because of the significant risks and potential costly damage from cyber incidents, online is the new frontline. As expected, 3 in 4 companies have seen cybersecurity become a greater priority as a result of COVID-19.
The key to both responding to and recovering from a cybersecurity incident is resilience. Compared to competitors, organisations that make resilience a priority will be less at risk of a breach.
Failure to build cyber resilience can lead to significant business impacts and cost. Across the G20 respondents, roughly $18bn of lost revenue in 2020 can be attributed to cyber attacks alone.
Only one-quarter of G20 organisations surveyed were not negatively impacted by a cyber attack in 2020. Data from the Resilience Barometer™ indicates that negative impacts from cyber attacks have increased in several areas when compared with 2019.
With the sudden need to pivot to a remote work environment, many organisations relied on shadow IT systems that were spun up quickly to maintain business operations with minimal security considerations. More than a third of G20 companies said that this is a concerning risk in a post-COVID world.
The pandemic has altered the threat landscape, and as a result, organisations will be obliged to address workforce cybersecurity in new, more flexible ways. Due to COVID-19, 49% of G20 businesses are expected to update their response plans, and the same percentage also plan to identify potential crises and assess crisis readiness.
Indeed, only 3% of G20 organisations are not preparing in any way for crises. When the difference between working towards cyber resilience or staying put can be devastating, these organisations are playing a risky game.