A recent report titled "The Cyber-Resilient CEO" by Accenture (NYSE:ACN) reveals a paradox in the mindset of global CEOs regarding cybersecurity. Despite 96% of CEOs acknowledging the critical role of cybersecurity in organizational growth and stability, 74% lack confidence in their ability to prevent or minimize cyberattack damage. This paradox is primarily due to a reactive approach to cybersecurity, rather than proactive measures, as reported on Monday.
The study shows that 60% of CEOs fail to incorporate cybersecurity into initial business strategies, services, or products. Instead, they prefer sporadic intervention over continuous attention toward cyber threats. This approach has been identified as a significant factor in increasing vulnerability to security breaches.
Accenture's report further highlights the misconception among CEOs about the cost of implementing cybersecurity measures. Over half (54%) incorrectly perceive implementing cybersecurity as costlier than enduring a cyberattack. This perception is contradicted by the rising cost of cybercrime, which Cybersecurity Ventures predicts will reach $10.5 trillion by 2025 from $8 trillion this year.
Despite 90% of CEOs identifying cybersecurity as a trust-building differentiator, only 15% dedicate board meetings to it. This fact is likely because 91% relegate it to a technical function rather than an integral part of business strategy.
Accenture's study also identifies potential threats from generative AI, which concerns 64% of CEOs who fear its use in complex cyberattacks. Paolo Dal Cin, Accenture Security's global lead, underscores the need for data and digital assets security with generative AI's evolution.
The study distinguishes between "cyber-resilient CEOs" and "cyber laggards". The former excel at managing cyber threats effectively and experience lower breach costs and improved financial performance. The latter, comprising 46% of CEOs surveyed, don’t consistently adopt proactive actions and are typically reactionary.
Accenture recommends five proactive actions for achieving cyber resilience: embedding cybersecurity in business strategy from the start, establishing shared cybersecurity accountability across the organization, securing the digital core, extending cyber resilience beyond organizational boundaries and silos, and embracing ongoing cyber resilience.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.