Cloud related risks top the list of cyber security concerns that UK senior executives say will have a significant impact on their organisations in 2023, according to PwC’s annual Digital Trust Insights.
The research is based on an extensive survey of global and UK business leaders looking at key cyber security trends for the year ahead. Some 39% of UK respondents say they expect cloud-based risks to significantly affect their organisation in 2023, more so than cyber risks from other sources such as laptop/desktop endpoints, web applications and software supply chain.
A third (33%) of respondents expect attacks against cloud management interfaces to increase significantly in 2023, while 20% say they expect attacks on Industrial Internet of Things (IIoT) and operational technology (OT) to significantly increase in the next 12 months.
However, long-standing and familiar cyber risks remain on the horizon in 2023, highlighting the challenge facing businesses. Just over a quarter (27%) of UK organisations say they expect business email compromise and ‘hack and leak’ attacks to significantly increase in 2023, and 24% say they expect ransomware attacks to significantly increase. Nevertheless, cyber security budgets will rise for many organisations in 2023, with 59% of UK respondents saying they expect their budgets to increase.
Richard Horne, cyber security chair, PwC UK said: “In part the increase in cloud-based threats is a result of some of the potential cyber risks associated with digital transformation. An overwhelming majority (90%) of UK senior executives in our survey ranked the ‘increased exposure to cyber risk due to accelerating digital transformation’ as the biggest cyber security challenge their organisation has experienced since 2020.
“However, these digital transformation efforts – which include initiatives such as migration to cloud, moving to ecommerce and digital service delivery methods, the use of digital currencies and the convergence of IT and operational technology – are critical to future-proofing businesses, unlocking value and creating sustainable growth.”
Around two-thirds of UK senior executives say they have not fully mitigated the cyber risks associated with digital transformation. This is despite the potential costs and reputational damage of a cyber attack or data breach. Just over a quarter (27%) of global CFOs in the survey say they have experienced a data breach in the past three years that cost their organisation more than $1 million.
Cyber attack now seen as the biggest risk to organisations
The C-Suite is becoming more aware of how these complex cyber threats and the potentially damaging impact of them can pose a major risk to wider organisational resilience. Just under half (48%) of UK organisations say a “catastrophic cyber attack” is the top risk scenario, ahead of global recession (45%) and resurgence of COVID-19 (43%), that they are formally incorporating into their organisational resilience plans in 2023. This echoes the findings of PwC’s 26th annual CEO Survey, where almost two-thirds (64%) of UK CEOs said they are extremely or very concerned about cyber attacks impacting their ability to sell products and services.
Bobbie Ramsden-Knowles, crisis and resilience partner, PwC UK, said: “The potentially destructive impact of cyber threats such as ransomware have significant implications for the wider resilience of whole organisations. Only by taking a more strategic approach to resilience across high impact and increasingly plausible threats can organisations protect what matters most to business survival, reputation and ultimately build trust.”
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. Explore other upcoming enterprise technology events and webinars powered by TechForge here.