Cybersecurity, a key element to an organization’s business strategy success

As companies navigate economic challenges with increasingly higher threats, executives boost the business development and the digital ecosystem reliability by incorporating cybersecurity initiatives.

By Samuel Ardila, a Risk Advisory Partner for the Andean Region of Deloitte Spanish Latin America

The cybersecurity management was for some time an area underestimated by some companies, but those days have been left behind. Today, having a strategy in this area is not only an important part of the shield against cyberthreats but also an adhesive that keeps organizations together by closely linking the risk management to operations, results and business opportunities.

In this regard, the Deloitte 2023 Global Future of Cyber Survey describes how cybersecurity has become a facilitator for businesses and how its integration into all practices has resulted in a huge success. Therefore, cybersecurity is not only a business of IT department since it is now a fundamental element for any organization’s business strategy.

The survey, with the participation of 1,100 information security leaders from all geographies and industries, revealed that 91 % of respondent organizations faced at least one cybersecurity incident over the last year (3 % more than in 2021) and 56 % reported that moderate or serious consequences resulted from incidents faced.

Likewise, 86 % of executives stated that their data protection approach had a significant and positive contribution to businesses. In fact, organizations facing constant interruptions adjusted their business priorities and commercial initiatives to consider new technologies while working with extended ecosystems to develop solutions. 

Main Findings

In order to classify maturity in the cybersecurity management of companies, Deloitte used three sets of practices: cyber-planning, key cyber-activities and involvement of the board of directors. Based on the foregoing, the report segments organizations in three groups according to their maturity level (low, medium, high). 

By separating organizations with high cyber maturity from their counterparts that are at medium and low levels, the report identifies what is differently done by leading cybersecurity management companies thus presenting the extent to which cybersecurity supports the business success and value.

The main findings and initiatives implemented by highest cyber maturity level organizations include:

  • The implementation of the cloud as data storage platform and as part of the digital transformation process is a priority for cybersecurity leaders. The cloud climbs to the first position moving the data analytics to the second place of the most relevant initiatives.
  • The growing role of information technologies in meeting business ambitions allows for the introduction of new business models, but it also expands the attack surface; therefore, the cybersecurity management shall be integrated from the initiative’s inception.
  • Companies with high cybersecurity management maturity obtained 30 % more of these services from third parties, related mainly to the cyber strategy management, data protection, privacy and cloud security.