Cyber threats tops CEO concerns, followed by prioritising digital transformation over the next three years.
As technology pervades every part of an organisations CEOs are more aware of the growing needs of the technology issues that govern their business, with a growing number of Australian CEOs fearing cyber threats a direct challenge to business growth in 2021.
According to PwC’s 24th CEO Survey, however, having adapted to massive disruption during the COVID-19 pandemic, the majority are less concerned about the speed of technology change and are prioritising digital transformation over the next three years.
While the pandemic has forced more businesses to rapidly digitise their offerings, they were often catering to static audiences. With consumer habits now altered, there’s a window of opportunity for businesses to empower consumers through personalisation, so that they actively choose to continue transacting digitally and don’t ‘jump ship’ to a competitor. With increased digitisation, the cost of change decreases. Businesses will need to differentiate through a laser focus on customer experience.
Demonstrating return on investment
There’s little doubt that Australia’s CEOs are recalibrating their technology plans in 2021. The majority (79 per cent) of the nation’s business leaders are increasing investment in digital transformation over the next three years. This is in response to many factors including the pandemic, government incentives and real signs of economic recovery. While the speed to technology change continues unabated, fewer local CEOs are worried about it (62 per cent, down from 73 per cent last year). It would appear that 2020 forced CEOs out of their comfort zones, with most companies accelerating digitisation programs, and CEOs have grown in confidence accordingly.
As digital investment ramps up, CEOs, boards and shareholders will naturally expect quantifiable results. This expectation (coupled with the sheer scale of recent changes) suggests that businesses will benefit from breaking transformation into tangible steps, with each step delivering value. This will help maintain momentum, retain stakeholder confidence, and achieve incremental returns on investment.
Clearly then, the ability to pinpoint projects and track the progress of investments will be all-important. However, not all Australian businesses will have the capability to do so.
Just 26 per cent of local CEOs are significantly increasing their focus on digitising risk management functions this year (compared with 47 per cent of global CEOs). For many, a strategic rethink on this may be required.
Creating a secure digital future
One area of risk that is most certainly commanding CEOs’ attention is that of cybersecurity. The overwhelming majority of Australia’s CEOs (95 per cent) identify cyber hazards as a key threat to organisational growth. Some 78 per cent are stepping up long-term investments into cybersecurity and privacy, in line with Europe’s General Data Protection Regulation (GDPR), and the same number are factoring cyber threats into their strategic risk management activities.
These numbers are understandable given the increase in cyberattacks in Australia over the past year or so.
Many of which brought entire organisations to a standstill, with an increase in high-impact cyberattacks, like ransomware, changes in director liability, governance expectations and regulatory reform are also prompting directors to seek more assurances over cybersecurity (particularly in areas of critical infrastructure, the subject of specific reform in 2021).
This may explain why about a quarter (27 per cent) of Australia’s CEOs say their organisation needs to do more to measure cybersecurity and data privacy, while one in five (22 per cent) think they should be doing more to report on it.
When it comes to measurement and reporting, one key step is being able to articulate cyber risk in a way that is meaningful to executives, directors and investors. It’s more important than ever to be able to interpret data, quantify cyber risk and explain how this relates back to specific business outcomes.
When asked about the factors impacting their cybersecurity strategy, an overwhelming majority of Australia’s CEOs again cited the increasing complexity of cyber threats (92 per cent). This was followed by cybersecurity and data privacy regulations, such as GDPR (60 per cent) and vulnerabilities in supply chain and of business partners (44 per cent).
Fears rise over misinformation
The past year has seen a steep rise in the number of CEOs who are concerned that misinformation could threaten growth, with 67 percent of Australia’s CEOs cited this (up from 43 per cent last year), and 70 per cent of global CEOs agreed (up from 50 per cent last year).
This illustrates that new and different cyber risks are emerging all the time. The Australian Cyber Security Strategy 20201 outlined how the government is investing A$1.67 billion over 10 years to strengthen the nation’s cyber resilience.
Now, and in the future, corporate CEOs will need to show similar resolve. Businesses cannot protect themselves by simply doing what they have always done.
Digital transformation efforts have accelerated as organisations adapt to a ‘COVID-normal’ world. The unpredictability of current events has highlighted vulnerability and the need for a focus on cyber – and organisational – resilience. Despite an increase in CEOs considering cybersecurity in their business decisions, organisations still have much to do; including a greater investment in their people to ensure they have the skills they need.