Managing cybersecurity Cybersecurity has leapt up the C-suite agenda. Cyber criminals today are no Key findings about the CFO’s role in managing longer lone hackers — they are syndicated criminal networks, in some case cybersecurity sponsored by nation states, with clear objectives and long-term strategies. Major breaches are increasing in frequency in all sectors. When they occur, the financial, reputational and operational costs often become headline news. 66%of CFOs make cybersecurity a high or very high priority. Most CFOs now recognize that robust cybersecurity is fundamental to protecting shareholder value. But our survey shows that a lack of understanding of IT issues can prevent CFOs from recognizing what a mature cybersecurity CFOs whose collaboration with the CIO and other C-suite capability looks like and where they need to invest. executives is increasing recognize more fully the scale of cyber risk “ The more sophisticated attackers are looking at The majority (66%) of the 652 organizations we surveyed make cybersecurity a priority. Those who make it a very high priority are also those who tend to economic manipulation as an objective. This might collaborate more with their CIO and other C-suite peers (see Chart 5). involve trying to manipulate the share price. Their Chart 5: Increased collaboration with CIO and C-suite peers in the last three years aim may include attempts to change the value of an 35% organization through sustained attacks over a long Much greater collaboration with CIO 18% period and then capitalize on that change in value. 35% The threats are becoming incredibly sophisticated.” Much greater collaboration with CEO 14% Ken Allan, Global Cybersecurity Leader, EY 23% Much greater collaboration with CMO 11% CFOs who make cybersecurity a very high priority in the last three years Others Partnering for performance Part 3: the CFO and the CIO 11
Partnering for Performance Part 3 Page 10 Page 12