As a result of these growing vulnerabilities and a constantly evolving threat landscape, G20 organisations must continue to assess their cybersecurity defences in order to keep pace with both malign actors and satisfy regulators: . More than half of G20 organisations (51%) have already had to notify regulators or individuals directly regarding breaches of personal data or personally identifiable information over the last year – a figure that is likely to increase over the next 12 months.
Countering threats requires a holistic, 360-degree strategy that addresses both data privacy and cyber-security threats. And whilst 53% of G20 organisations take a proactive stance on cybersecurity, proactivity doesn’t automatically translate into preparedness. Indeed, despite an awareness of threats and proactive efforts in addressing them, 85% of G20 companies reported some form of weakness in their incident response capabilities, with 33% saying that of their incident response capabilities, detection and analysis is weak and nearly six out of ten (58%) not fully understanding the cybersecurity risks posed by third parties.
This is cause for alarm, as organisations that are struggling to determine whether they have been compromised, and what the scope of the incident involves, are unable to appropriately manage the fallout or properly react. This weakness not only impacts resilience, but also reputation management and compliance with regulatory requirements.