Companies globally could incur US$5.2 trillion in additional costs and lost revenue over the next five years due to cyberattacks, as dependency on complex internet-enabled business models outpaces the ability to introduce adequate safeguards that protect critical assets, according to a new report from Accenture (NYSE: ACN).
Based on a survey of more than 1,700 CEOs and other C-suite executives around the globe, the report — Securing the Digital Economy: Reinventing the Internet for Trust — explores the complexities of the internet-related challenges facing business and outlines imperatives for the CEO’s evolving role in technology, business architecture and governance.
The report notes that cybercrime from a wide range of malicious activities poses significant challenges that can threaten business operations, innovation and growth, and the expansion into new products and services, ultimately costing companies trillions of dollars. The high-tech industry faces the highest risk, with more than US$753 billion hanging in the balance, followed by the life sciences and automotive industries, with US$642 billion and US$505 billion at risk, respectively.
“Internet security is lagging behind the sophistication of cybercriminals and is leading to an erosion of trust in the digital economy,” said Omar Abbosh, who leads Accenture’s Communications, Media & Technology operating group globally. “Strengthening internet security requires decisive — and, at times, unconventional — leadership by CEOs, not just CISOs. To become a cyber-resilient enterprise, companies need to start by bringing CISOs’ expertise to the board, ensuring security is built-in from the initial design stage and that all business managers are held responsible for security and data privacy.”
Among the key findings: Four in five respondents (79 percent) believe that the advancement of the digital economy will be severely hindered unless there is dramatic improvement to internet security, and more than half (59 percent) of respondents said the internet is getting increasingly unstable from a cybersecurity standpoint and they are unsure how to react.
At the same time, three-quarters (75 percent) of respondents believe that addressing cybersecurity challenges will require an organized group effort, as no single organization can solve the challenge on its own. With heightened concerns about internet security, more than half (56 percent) of executives would also welcome stricter business regulations imposed by a central organization or governing body.
“The internet wasn’t built with today’s level of complexity and connectivity in mind, which is why it takes just one click — whether inside or outside the company walls — to fall prey to a devastating cyberattack,” said Kelly Bissell, senior managing director of Accenture Security. “No organization can tackle the challenges posed by cyber threats on its own; it’s a global challenge that needs a global response, and collaboration is key. To shape a future that thrives on a strong and trustworthy digital economy, senior executives need to look beyond the bounds of their organization, team with an ecosystem of partners, and secure their entire value chains — across every partner, supplier and customer.”
The rapid emergence of new technologies is creating additional challenges, as four in five respondents (79 percent) admit that their organization is adopting new and emerging technologies faster than they can address related cybersecurity issues, with three-quarters (76 percent) noting that cybersecurity issues have escaped their control due to new technologies such as the internet of things (IoT) and the industrial internet of things (IIoT). A majority (80 percent) also said protecting their companies from weaknesses in third parties is increasingly difficult, which isn’t surprising given the complexity of today’s sprawling internet ecosystems.
Also, on the minds of many senior executives: consumer data protection. Fueled by security concerns, 76 percent of respondents believe that consumers can’t trust the safety of their online identities when too much of their personal data is already available without restrictions.