Future of Cyber Survey

1. Future of Cyber Survey Introduction: THE GROWING VALUE OF CYBERSPACE Gaining a better understanding of the future of cyberspace is an ongoing endeavour that enables us to not only keep ahead of new threats but also spot new opportunities for economic value. Deloitte’s 4th edition of the Global Future of Cyber Survey highlights the growing importance of cybersecurity in tech-driven programs and business outcomes. As enterprise-wide cyber concerns increase, the roles of the chief information security officer (CISO) and other C-suite executives are evolving accordingly. A Game-Changing Era of Transformational Cyber Strategies Prioritizing results and adaptation • The future of cyber is rapidly evolving as organizations face ongoing complexity and new threats. However, one constant remains: cybersecurity is essential to delivering desired business outcomes across all industries. The Global Future of Cyber Survey highlights the strong link between cybersecurity and business impact. It surveyed nearly 1,200 leaders across various industries, including C-suite executives and senior leaders responsible for IT, security, risk, and business activities. The focus on achieving results is elevating • The survey indicates that cybersecurity is now a crucial business function, with increasing CISO leadership. However, only 52% of respondents trust their C-suite and board in cybersecurity matters, dropping to 34% among those in the C-suite focused on it. In contrast, organizations with high cyber maturity boast 82% confidence in their leadership. Additionally, 86% of respondents are enhancing their cyber strategies, with 85% expecting positive results. High- cyber-maturity organizations expect nearly double the benefits compared to their peers, highlighting their effective cybersecurity strategies. Cyber-mature organizations are stronger and more equipped • A recent Deloitte survey highlights high cyber-maturity organizations that excel in strategic cybersecurity planning. There’s a growing influence of cybersecurity on technology projects, with leaders like CISOs playing key roles in guiding initiatives and securing funding. Despite facing more breaches, these organizations show resilience and emphasize integrating cybersecurity into business strategies, focusing on value-driven investments and proactive risk management. How does Deloitte Developed the Insights Behind the research Deloitte’s 4th Edition of The GlobalFuture of Cyber Surveyreport analyzes the needs of enterprise leaders, based on feedback from nearly 1,200 cyber decision-makers across 43

2. countries. It assesses changes in cybersecurity, evaluates C-suite cyber savviness, and highlights strategies organizations use to enhance cybersecurity’s business value. Key Findings: Cyber Influences strategic Value Aiming for a greater economic impact • Organizations are increasingly integratingcybersecuritystrategies into their operations, guided by a knowledgeable C-suite and CISO. This focus helps them stand out and achieve strategic goals. The information below highlights insights from surveys and global leaders to aid cybersecurity professionals in enhancing their practices. Cybersecurity remains essential for strategic business value, receiving increased attention • Cybersecurity is crucial in today’s interconnected digital landscape. Organizations have various strategies and actions to enhance their cyber readiness and increase business value. Taking action is a first step, but it is not the sole step in the process • A significant 86% of respondents are actively enhancing their cybersecurity, indicating a strong recognition of the need for robust programs. They focus on critical activities such as mitigating risks, enhancing controls, improving incident response, increasing employee awareness, and adopting strategic plans. Organizations with higher cyber maturity engage in these actions more extensively than their less mature counterparts. Guided by strategy, cybersecurity execution gets more integrated across the business • Organizations are increasingly implementing strategic cyber actions like benchmarking, collaboration, and governance. Notably, 83% of respondents view these measures as crucial to their cybersecurity strategy. Eyeing bigger cybersecurity investments amid increasing threats • Most global respondents (57%) plan to increase their cybersecurity budgets in the next 12 to 24 months, integrating them with other business areas. Recognizing cybersecurity as a business imperative, organizations can enhance collaboration and decision-making, better protecting their assets and resilience in a digital world. Attack realities are increasing, including new cyberthreats and concerns associated with generative artificial intelligence (GenAI) • Organizations are boosting cybersecurity investments due to rising threats like phishing and ransomware, with many reporting multiple breaches last year. High-maturity organizations are wary of GenAI risks and new vulnerabilities from automation and data sharing. Respondents express that technology integrity is the primary concern as their expectations for the benefits of cyber programs increase • Organizations are increasingly impacted by cyber threats, with 64% facing issues like operational disruption. This highlights the need for strong cybersecurity measures. Despite challenges, expectations for benefits like better threat detection remain high, with the CISO playing a key role in risk management and resilience.

3. Insights for Managing the Future of Cybersecurity Enhancing enterprise cybersecurity • To thrive in the future of cyber, organizations must understand and act on emerging trends to drive measurable business impact. By focusing on key factors and potential steps, they can enhance their cyber maturity and differentiate themselves from competitors. Strengthen cyber essentials, actively foster connections and collaboration, and decisively build greater resilience • Cybersecurity is vital for business strategy and should be integrated across all functions, not just IT concerns. By prioritizing cybersecurity, organizations can improve collaboration, decision-making, and risk mitigation, safeguarding their assets and enhancing resilience in a digital world. CISO, the rest of the C-suite, and the board should all be more involved and astute • CISOs (Chief Information Security Officers) need to actively participate in strategic discussions about technology and business to protect the entire organization. Since cybersecurity poses a major risk, it’s crucial for the C-suite executives and the board to be engaged in these conversations. By providing valuable insights, CISOs can help ensure that cybersecurity is allocated the necessary resources and recognized as a strategic priority. Make a conscious effort to incorporate budgets based on governance and strategy • Integrating cybersecurity budgets with digital transformation investments highlights its importance and encourages funding inclusion. This can align cybersecurity with business goals, but if not explicitly listed, it may be seen merely as a cost, reducing its perceived value. Last words : MAKING THE FUTURE MATTER The future ofcybersecurityis unfolding at this very moment, with each passing second bringing forth new challenges, innovations, and strategic decisions. As various risks emerge alongside advancing technologies, organizations must thoughtfully consider how to navigate this evolving landscape. The way an organization prepares for these changes and responds to them will not only shape its overall cyber maturity but also play a critical role in determining the trajectory of the business’s future. Embracing proactive strategies and staying ahead of potential threats can empower the organization to thrive in an increasingly complex digital world.