One in four com­pa­nies (27 per cent) glob­al­ly has suf­fered a da­ta breach cost­ing US$1 to $20 mil­lion or more in the past three years, ac­cord­ing to PwC’s an­nu­al Glob­al Dig­i­tal Trust In­sights Sur­vey, which sur­veys more than 3500 se­nior ex­ec­u­tives across 65 coun­tries.

It not­ed the per­cent­age rose to one in three (34 per cent) for com­pa­nies sur­veyed in North Amer­i­ca, with on­ly 14 per cent of firms glob­al­ly re­port­ing that no da­ta breach­es oc­curred dur­ing the pe­ri­od.

Ac­cord­ing to the sur­vey, de­spite cy­ber at­tacks con­tin­u­ing to cost busi­ness­es mil­lions of dol­lars, few­er than 40 per cent of ex­ec­u­tives sur­veyed said they ful­ly mit­i­gat­ed cy­ber­se­cu­ri­ty risk ex­po­sure in a num­ber of crit­i­cal ar­eas.

This in­clud­ed en­abling re­mote and hy­brid work (38 per cent said the cy­ber risk is ful­ly mit­i­gat­ed); ac­cel­er­at­ed cloud adop­tion (35 per cent); in­creased use of in­ter­net of things (34 per cent); in­creased digi­ti­sa­tion of sup­ply chain (32 per cent) and back of­fice op­er­a­tions (31 per cent).

The sur­vey al­so found that for op­er­a­tions-fo­cused ex­ec­u­tives, sup­ply chain se­cu­ri­ty was a ma­jor con­cern.

Nine in ten ex­pressed con­cern about their or­gan­i­sa­tion’s abil­i­ty to with­stand a cy­ber at­tack that dis­rupts their sup­ply chain, with 56 per cent ex­treme­ly or very con­cerned.

Bruce Scott, Cy­ber Leader, PwC Caribbean said, “A cat­a­stroph­ic cy­ber at­tack is the top sce­nario in 2023 re­silience plans. It ranks high­er than glob­al re­ces­sion, a new health cri­sis or in­fla­tion­ary en­vi­ron­ment.

As cy­ber threats con­tin­ue to in­crease in fre­quen­cy and so­phis­ti­ca­tion, a holis­tic ap­proach to cy­ber­se­cu­ri­ty has be­come a top pri­or­i­ty for the C-suite and boards.”

To im­prove cy­ber re­silience and build pub­lic trust, it’s clear a high­er lev­el of pub­lic-pri­vate col­lab­o­ra­tion is need­ed to ad­dress the in­creas­ing­ly com­plex cy­ber threat land­scape, PwC al­so not­ed, adding that com­pa­nies are call­ing for in­creased in­for­ma­tion shar­ing and trans­paren­cy as well as a con­sis­tent for­mat for manda­to­ry dis­clo­sure of cy­ber in­ci­dents.

An­tho­ny Zamore, Cy­ber di­rec­tor, PwC Caribbean, said: “The good news is cy­ber has pro­gressed on many fronts as CISOs and cy­ber teams rise to the chal­lenge, and oth­er C-suite ex­ec­u­tives join forces with them. While progress has been made, Zamore cau­tioned three things are need­ed to keep pace with dig­i­tal trans­for­ma­tion and help build pub­lic trust: A strate­gic risk man­age­ment pro­gramme; con­ti­nu­ity and con­tin­gency plan­ning and clear, con­sis­tent ex­ter­nal re­port­ing.

It was al­so found the ma­jor­i­ty of ex­ec­u­tives sur­veyed said their or­gan­i­sa­tions were con­tin­u­ing to in­crease their cy­ber bud­gets—69 per cent said the bud­get in­creased in 2022 and 65 per cent plan to spend more on cy­ber in 2023.

In­creas­ing bud­gets re­flect the fact that cy­ber­se­cu­ri­ty tops the agen­da for re­silience plan­ning, the com­pa­ny added.