Cyber security is now seen as a core business function rather than just an IT task.
Cyber security is no longer just an IT problem; it’s a critical part of managing risk across the entire business. Business leaders are increasingly aware of this, especially as cyber risks have multiplied since the pandemic. Interestingly, the percentage of large companies with a cyber-security expert on their board rose from 7 percent in 2013 to 28 percent in 2020. This number is expected to grow, as research predicts that by 2025, 40 percent of boards will have a dedicated cyber security committee led by a qualified member, as per Deloitte’s latest Global Future of Cyber Survey.
Cyber security is now seen as a core business function rather than just an IT task. The survey highlights that cyber security is now a “business-critical imperative—57 percent of companies plan to increase their cyber security budgets in the next one to two years, while 58 percent are working to align their cyber security spending with IT, digital transformation, and cloud initiatives. This shift towards a more integrated approach shows that businesses understand strong cyber security is vital to staying resilient in an unpredictable digital landscape.
Despite this progress, many organizations still have work to do. Only 52 percent of executives feel highly confident in their board and C-suite’s ability to handle cybersecurity challenges, and among cybersecurity-focused executives, confidence drops to just 34 percent. Even in companies with high cyber maturity, frequent breaches are common, but these firms are often better prepared to manage disruptions and maintain business continuity.
“It’s really about getting the basics right and maturing them and being excellent at them, every day, consistently. Things like foundational controls, asset management, and vulnerability management. You need to excel there, almost mindlessly. They just have to happen,” said CISO, Life Sciences and Healthcare Organization
As technology advances, more companies are using AI in cyber security, with 39 percent already incorporating it into their programs. On average, companies dedicate USD 39 million of their annual IT budgets to cyber security, a number expected to rise by about 3 percent over the next two years.
