Over 60% of the CEO and CTO globally predict an increase in cyber crime in 2022 and the mobile, Internet of Things, and cloud top the list of anticipated targets, according to PwC ”Digital Trust Insights 2022” survey. Also 53% say nation-state attacks are likely to grow.
Almost 60% expect a jump in attacks on their cloud services and 56% of respondents say their organizations expect a rise in breaches via their software supply chain. At the same time, the respondents anticipate significant increases in ransomware attacks (21%) and cryptomining (21%).
”Organizations can be vulnerable to an attack even when their own cyber defenses are good, a sophisticated attacker searches for the weakest link, sometimes through the organization’s suppliers. According to our survey, most organizations have difficulty understanding cyber and confidentiality risks in relation with their suppliers. Therefore, business processes simplification that generates complexity and securing relationships with partners are more than necessary now”, said Mircea Bozga, Risk Assurance Partner, PwC Romania.
Nearly three quarters of respondents said the complexity of their organization poses concerning cyber and privacy risks. Data governance and data infrastructure (77% each) ranked highest among areas of unnecessary and avoidable complexity.
Bad habits are often: using many tech solutions that don’t even work together and non-compliance with data management processes or risks with third parties.
Asked how their companies are minimizing third-party risks, the most common answers were auditing or verifying their suppliers’ compliance (46%), sharing information with third parties or helping them in some other way to improve their cyber stance (42%), and addressing cost- or time-related challenges to cyber resilience (40%). But a majority have not refined their third-party criteria (58%), not rewritten contracts (60%), nor increased the rigor of their due diligence (62%) to identify third-party threats.
Organisations know that risks are increasing and more than 50% expect a surge in reportable incidents next year above 2021 levels.
In this context, 69% of organisations predict a rise in cyber spending in 2022 compared to 55% last year. More than a quarter (26%) predict cyber spending hikes of 10% or more.