Deloitte’s 2023 Global Future of Cyber Survey reveals that cyber increasingly plays a foundational role in delivering business outcomes. For consumer companies, the quality of those outcomes will depend on how well decision-makers understand today’s environment and prepare for what comes next.
These five highlights provide a glimpse into where consumer organizations are now—and where they are going.
How can consumer organizations prepare for an evolving cyber landscape? The following five insights and five corresponding actions, based on Deloitte’s experience and our survey findings, can provide a starting point for navigating the future of cyber.
1. Trust is still the main product that all brands should be offering. Consumers are becoming highly attuned to privacy issues—aware that they are providing brands with a steady stream of personal information that could also prove valuable to cyber criminals. Brands that consumers trust most with their private data may win out over brands that provide superior products or services.
Show consumers how serious you are about privacy and trust. Do more than send customers privacy policies, opt-out notices, and alerts. Build trust by pulling back the curtain to show them how you are actively addressing cyber issues and protecting them. Fill them in on your cyber plans, activities, and results—without giving cyber criminals useful intelligence.
2. Regulations and regulators remain in the spotlight. Often tied to privacy concerns, regulations are another area where organizations are feeling pressure. As cyberattacks become more widespread and complex, risks for consumers grow, and so does the attention of regulators. More than 50% of consumer organizations surveyed said they have seen regulatory fines to a moderate or large extent as a result of cyber incidents or breaches.
Think like a regulator. Taking a pragmatic, risk-based approach can help avoid fines and alleviate concerns about privacy and trust. Do not wait for regulators to show up. Apply a cyber regulator mindset across your business, working across the organization to identify and remediate issues before they attract attention and erode consumer trust.
3. Operations require much more attention. Consumer organizations are getting jammed at the intersection of cyber and operations. While they may have solid overall cyber strategies in place, they may lack the cyber infrastructure and action plans to address ongoing supply chain disruption, business continuity needs, and internal controls.
Get meticulous about cyber and your operations. Start with the basics—ensuring that you have the proper controls and framework in place to embed cyber across operations. Think in terms of end-to-end processes, not just individual activities that are prone to cyber risk and operational disruption. Have deep-dive conversations across the C-suite and with key operational personnel.
4. Talent needs have reached a pivotal point. The challenge of attracting, developing, and retaining cyber talent is a constant. As the technology and threat landscapes evolve, the existing workforce of any consumer company can struggle to keep up. Many organizations are coming to the harsh realization that they simply do not have the deep knowledge they need to thrive in the future of cyber.
Build and supply a talent pipeline focused on the future. Work with governments and universities to establish partnerships and training programs that can foster the next generation of cyber talent for the consumer industry. Invest in tomorrow’s workforce as well as today’s by adding business training to the mix—not just technology skills.
5. Emerging technologies bring rampant opportunity and risk. Cloud and 5G are among the top digital transformation priorities for consumer companies surveyed. The industry is filled with opportunities to leverage new technology for business benefits—from data-driven customer insights to IoT-connected stores to immersive experiences with metaverse applications. With this increased digitalization and integration comes countless new points for cyber risk.
Get technical about emerging technology and your business. Look granularly at the risk posed by each technology and the planned application. In addition to assessing controls and risk management strategies, make sure business area leaders are aware of the risks and needs that come with new applications—so they can prepare and invest appropriately.
To get a broader view of the cyber landscape, explore additional insights from the Deloitte 2023 Global Future of Cyber Survey, which asked 1,110 leaders across industries and across the globe to share their views on cyber threats, enterprise activities, and the future.