Nine out of ten organizations reported at least one cyber incident or breach last year

Deniza Cristian 11/04/2023 | 11:45

Nine out of ten organizations (91%) reported at least one cyber incident or breach last year, according to Deloitte 2023 Global Future of Cyber Survey, and more than a third (38%) between six and ten events.


The study also points out that the frequency of cyber incidents varies depending on the level of cyber maturity of the organization, more low cyber maturity organizations experiencing over ten events (21%) compared to the mature ones (13%). Organizations’ cyber concerns also differ depending on their level of maturity, the more advanced ones being preoccupied mainly about cyber criminals and terrorists, as well as phishing, malware, and ransomware attacks, while low and medium-maturity companies have greater concerns about denial-of-service attacks.

In the context of these incidents, operational disruption (58%) is the most significant impact for organizations, followed by loss of revenue, of customer trust and negative brand impact, with 56% of respondents reporting that they suffered related consequences to a moderate or large extent.

“The cybersecurity threat landscape is becoming more complex every year and ranges from ransomware, still considered one of the main threats, according to the EU’s agency for cybersecurity ENISA, malware and supply chain attacks, to social engineering threats. The most impacted sectors are public administration and governments, digital services providers, financial services, as well as the general public, according to the same source. Organizations are increasing investments to boost cybersecurity maturity, a trend also visible in our country and which is projected to continue. But investments need to be accompanied by efforts to build a proper culture inside the organizations through awareness and communication, planning of the cyber strategies and actions to retain their experts,” stated Andrei Ionescu, Consulting and Risk Advisory Partner-in-charge, Deloitte Romania, and local leader of the cybersecurity practice.

Organizations are aware of the importance of planning in creating cyber strategies that effectively mitigate risks and drive business value, as almost two thirds of them (62%) have an operational and strategic plan to defend against cyber threats. The highly mature ones stand out in this respect, reaching 91%, the study highlights. Additionally, more than half of the surveyed companies have an annual cybersecurity awareness training among the employees (59%) and a cybersecurity incident-response plan that gets updated and tested annually (58%).

Beyond planning, attracting and retaining the right talent is an important factor in creating successful cyber strategies and companies are taking meaningful steps in doing so, the study shows. In order to engage, retain and develop existing talent, companies mainly offer access to training and certifications programs (54%), flexible and hybrid working options (50%) and specialized career paths (45%).

The report also shows a clear connection between cyber activities and a series of benefits, including trust. For organizations with a high level of cyber maturity, improved brand reputation (64%) and improved digital trust for customers and employees (62%) are among the top benefits of their cyber actions. At the opposite end, low cyber mature companies see significant gain in areas such as confidence in tech integrity (35%) and customer trust and brand impact (31%). The latest edition of Deloitte Global Future of Cyber Survey focuses on the opinions of more than 1,000 cyber decision-makers across 20 countries from EMEA, North and South America and Asia Pacific. The report captures the increased impact that cybersecurity has on businesses. Deloitte Romania’s cybersecurity team is specialized in strategy, including cyber crisis exercising and deep dive assessments, defense, including identity and access management services, security operations, proactive and reactive incident management processes and technologies, and attack, revolving around penetration testing, such as red-team testing (TIBER-EU).

The team is an active player during top cyber exercises organized in Romania. In the last years, Deloitte Romania has been one of the very few private organizations selected to participate, alongside the Ministry of National Defense, in the annual exercises organized by NATO. In 2022, Deloitte’s cyber team participated in one of the largest cybersecurity exercises organized in Romania by the National CYBERINT Center within the Romanian Intelligence Service. In addition, the local cybersecurity experts, who own tens of specialized certifications, provide internationally recognized trainings through Deloitte Academy, the professional training unit of Deloitte Romania. Deloitte is an official Authorized Training Center (ATC) in Romania for the International Council of E-Commerce Consultants, also known as EC-Council. At a global level, for the eleventh year in a row, Gartner ranked Deloitte the leader in security consulting services by market share.

BR Magazine | Latest Issue

Download PDF or read online: May (I) 2023 Issue | Business Review Magazine

The May (I) 2023 issue of Business Review Magazine is now available in digital format, featuring the main cover story titled “MedLife BVB performance highlights potential of Romania’s emerging
Deniza Cristian | 17/05/2023 | 15:38

    You will receive a download link for the latest issue of Business Review Magazine in PDF format, based on the completion of the form below.

    I agree with the Privacy policy of

    I agree with the storage and handling of my data by

    Advertisement Advertisement
    Close ×

    We use cookies for keeping our website reliable and secure, personalising content and ads, providing social media features and to analyse how our website is used.

    Accept & continue