With nearly 75% of organizations experiencing at least one cyberattack and the average cost of a data breach exceeding $4 million in 2022, building resilience is now more important than ever. Moreover, as governments grapple with growing geopolitical tensions and heightened security concerns, there is increasing scrutiny on restricting the flow of data. Trends towards deglobalization and regionalization are driving a greater push for “digital sovereignty,” stifling global interoperability and increasing the complexity of cooperation in managing cyber intrusions.
Phishing and other hacking mechanisms are moving beyond emails to social media, phone calls, and other platforms, increasing employees’ susceptibility to social engineering from these multichannel threats. The continued rollout of IoT devices and other technologies also magnifies the attack surface. Meanwhile, the severity of threats is snowballing with the growing potential of AI-augmented hacking, technologies like VALLL-E that can be used to create sophisticated deepfakes, and state-sponsored attacks on critical infrastructure.
Although many businesses have effectively enacted internal cybersecurity protections, 2022 found that less than half have conducted risk assessments of their supply chain – a growing source of threats. As regulations on managing sensitive data and third-party vendors continually evolve, ensuring compliance will become increasingly complex.
To institute robust protections, companies should consider revising existing playbooks to respond to the evolving nature of cyber risk. Embedding security standards across various functions, implementing advances in tokenization and quantum cryptography, and investing in insurance can help build preparedness holistically and effectively. As such, while IT teams will continue to have a crucial role in the development and design of secure corporate networks, cybersecurity must expand to an organization-wide responsibility.
The first installment of the 2023 IJAPP Cyber Handbook features perspectives from business leaders across Marsh, Guy Carpenter, Mercer, and Oliver Wyman, who help clients become more resilient in managing cyber risk. Their expert insights explore some of the most significant trends in cyber readiness, cyber response, and new cyber regulations.