Business, Information Security

C-Suite Changes Direction on Cybersecurity

As cyberthreats are on the rise, the c-suite is looking at cybersecurity as a business risk in the new year.

Kelsey Brandt

Contributing Writer

In recent years, joined with other c-suite executives, CISOs and cyber teams have risen to unprecedented levels driven by events no one could foresee; these leaders have pushed themselves and their companies out of their comfort zones. But with each new undertaking comes new cyber threats for leaders to address. Thanks to c-suite collaboration and cumulative investments in recent years, PWC reports that 70% of surveyed c-suite leaders saw cybersecurity improvements in the past year.

What once was thought of only as a technical problem and not a business risk has all but taken over the C-suite as cybercriminal activity tops out the 2023 list of rising organizational threats. Those include challenges like mandated disclosures, tests of resilience, and pressure to get data security and privacy right. The connection between the CIOs, CISOs, and the rest of the C-suite continues to grow as more realize that cybersecurity is a business risk and value issue — not only a technical issue.

As the goalposts continue to move, there is still work to be done, and in a tough economic environment, stakes are even higher. PwC reports that “by their own assessments, CISOs see the need to advance further on five cyber capabilities: identify, detect, protect, respond, recover.” While senior executives see heightened threats to their organizations and worry they’re not fully prepared to address them, “steps to empower CISOs to advance those five cyber capabilities to mitigate these risks is critical. If “Two-thirds of executives consider cybercrime their most significant threat in the coming year” and have a catastrophic cyber attack as one of the top items included in 2023 resilience plans, CISOs need to be set up for success by the c-suite like never before.

There is hope as 46% of CEOs want to empower CISOs to drive security collaboration, and Gartner expects by 2026, 50% of C-Level executives will have performance requirements related to risk built into their employment contracts, and by 2025 40% of boards will have a dedicated cybersecurity committee, C-Suite collaboration and investment in cyber will only continue to grow amidst the growing concerns of catastrophic events.

“Cybersecurity has become a more dynamic field, rapidly adjusting and shifting to keep apace with business inventiveness,” according to PwC. CISOs who are empowered by their CEO will advocate, collaborate, and orchestrate a better cyber future.