Tech leaders elevate cyber security to foster growth

Building a cyber culture is now the top priority for technology companies as they seek to expand trust and drive innovation.

What a difference a few years make

After decades as a table-stakes cost-center focused on protecting the company—and especially amid the unprecedent threats of the past two years—cyber security is increasingly being viewed by technology companies as a business-driving competitive advantage that can help them unlock new opportunities.

That’s among the key insights from two new KPMG surveys of CEOs and security leaders in the technology industry. While managing risks and threats remained a top concern as well, the surveys shared an overall theme of cyber security moving from defense to offense, turning hard-earned lessons and innovations from the pandemic into key drivers of successful digital growth and transformation.

More than ever, tech CEOs and their Chief Information Security Officers (CISOs) are working in tandem to invest in security skills, culture and technology. They’re increasingly focused on a less reactive, more forward-looking cyber strategy that builds resiliency, promotes digital growth and innovation, and enhances customer confidence and stakeholder trust, as we outline in our new report, “Technology companies lean on cyber to go faster and gain trust.”

The report highlights a number of key findings, including investment goals, top priorities, and an evolving cyber security strategy that is being reimagined based on the experiences and innovations of the last two years.

Key steps tech companies plan to take to build digital resilience over the next three years

1 tie Focus on improving skills in cyber security and other areas of technology risk 
1 tie Establish a strong digital and cyber risk culture, championed by senior leaders
2 Strengthen governance around operational resilience and the ability to recover from a major incident 
3 Invest in a secure and resilient cloud-based infrastructure

Source: KPMG CEO Outlook 2021

People, process, technology—and investment!

One of the biggest findings from our report was a commitment to investing in cyber skill training and communication, so that employees throughout the enterprise are prepared to address any potential threats and shore up defenses. In fact, 87 percent of tech CEOs agreed that building a cyber security culture is just as important as building the related tools and controls: steadily increasing cyber proficiency needs to be a company-wide effort.

Creating this “human firewall” is vital to enterprise operations because many breaches are caused in part by human error. That’s why an investment in upskilling the entire workplace is essential to improving security and reducing risk, the CEOs said, as threats are no longer just the responsibility of the IT department. Beyond just fortifying security, though, the executives in the surveys were also optimistic that promoting vigilance and risk management would also propel innovation.

Among the other key findings:

  • Cyber security was cited as both the No. 1 risk and the No. 1 operational priority.
  • Almost three-quarters of tech CEOs (74 percent) believe they are prepared for a future cyber attack.
  • 61 percent said their company viewed information security as a strategic function—and a competitive advantage.
  • Over half of the executives surveyed (57 percent) said their company’s cyber security strategy was integrated with its growth strategy.
  • 77 percent believe a strong cyber strategy is critical to maintaining trust with customers and all other stakeholders.

Getting the big picture

Above all, the executives we spoke with underscored the need to develop holistic solutions to combat cyber security problems. That will require a two-pronged defense strategy: first, by advancing cyber skills and culture within their enterprises; and next, by taking an industry-wide approach to protect their partners and the larger ecosystem.

Our report showcased eight top considerations for tech company leaders as they advance their cyber security offerings to further safeguard the enterprise:

Expand the strategic security conversation

Develop critical talent and skillsets

Adapt security for the cloud

Place identity at the heart of zero trust

Exploit security automation

Protect the privacy frontier

Secure beyond the boundaries

Reframe the cyber resilience conversation

Looking ahead and leveraging opportunity

This heightened focus on cyber security is the new reality for technology company leaders. And, if leveraged correctly, it can help them maximize the benefits of the rapid digital innovation spurred by the pandemic.

By working with other organizations and fostering cyber proficiency, technology companies can use this opportunity to bolster their digital infrastructure while improving industry-wide safeguards. Indeed, 79 percent of tech CEOs agreed that protecting their partners’ ecosystems and supply chains is just as important as building their own organization’s cyber defenses.

Looking ahead, company leaders must remain vigilant and prepare for the risks that will arise in the increasingly hyperconnected technology landscape. This requires collaboration across the company to ensure security is prioritized and embedded within the culture, technology and operations.

For most tech leaders we talked to, that cyber commitment is no longer just about table-stakes operational coverage: It’s an ever-growing engine for innovation and gaining a competitive edge.

Indeed, 79 percent of tech CEOs agreed that protecting their partners’ ecosystems and supply chains is just as important as building their own organization’s cyber defenses.
Findings from KPMG’s report, Technology companies lean on cyber to go faster and gain trust.

Contact us

Mark Gibson

Mark Gibson

Partner, Advisory, NSL & Teams, KPMG U.S.

+1 206-913-6558