Digitization Demands a New Approach to Tackling the Cyber Threat

A new report from KPMG, “From enforcer to influencer: Shaping tomorrow’s security team,” calls on business leaders to ensure cyber security specialists are part of the C-suite decision-making process, with digitization at the heart of their future growth strategies.
To find out more about how cyber security roles are evolving, KPMG professionals spoke to a number of Chief Information Security Officers (CISOs) from major organizations, from a wide range of industries and regions, as well as to KPMG’s cyber security specialists from around the world.

From these insights we have identified the seven actions that CISOs should take to help keep organizations resilient and competitive. We invite you to explore these actions and encourage you to contact us to learn more.
1. Act like you belong in the C-suite: CISOs must speak the language of the C-suite, building consensus, demonstrating pragmatism and navigating politics, to help leaders understand the cyber implications of their strategic choices.
2. Broaden horizons: CISOs’ responsibilities are broadening to include safeguarding data, dealing with disruptive events to maintain operational resilience, managing third parties, handling regulatory compliance, and helping to counter cyber-enabled financial crime. This demands they forge strong working relationships with other business leaders including the Chief Risk Officer (CRO), the Chief Data Officer (CDO) and, of course, the Chief Information Officer (CIO).
3. Weave cyber security into the organizational DNA: Today’s CISOs should be sophisticated communicators, working with other business leaders to embed cyber security into the DNA of the organization. This, says the report, “involves integrating security into governance and management processes, education and awareness, plus establishing the right mix of corporate and personal incentives to do the right thing.”
4. Shape the future cyber security workforce: CISOs will have to acquire capabilities from outside the organization, build new partnerships and look for unconventional and diverse talent.
5. Embrace automation as the rising star: Automation can reduce the manual workload and ease skills shortages, bringing in greater efficiency and helping meet growing compliance requirements in a consistent and repeatable way.
6. Brace for further disruption: We are heading toward a hyperconnected world in which the IoT and 5G networking will massively increase efficiency and enable radically different business models.
7. Strengthen the cyber security ecosystem: Organizations are now part of a complex ecosystem of suppliers and partners, tied together through shared data and shared services. Conventional contracts and liability models seem ill-suited to the rapidly evolving supply chain threat, calling for a new partnership approach that brings security to all parties and individuals.
According to the report, “at the heart of KPMG’s recommendations is a recognition at C-suite level that digital security experts should be key players in the overall decision-making processes, guiding the future direction of the business, developing robust digital infrastructure, embracing innovation and helping to identify potentially critical threats ahead.”
For much more, see From enforcer to influencer (assets.kpmg).