Manufacturers ramp up cyber defenses as supply-chain bottlenecks—and vulnerabilities—deepen
Learn more:
of sector leaders anticipate an increase in reportable incidents occurring at the supply chain software level.
58%
— PwC, 2022 Global Digital Trust Insights, October 2021.
Align IT, OT to protect operations
cISo
Despite your IT responsibilities, you’re limited in how you can protect some of your company’s most vulnerable environments in operations technology (OT). Often, control of these technology tools is not in your hands. Yet the damage could be severe if ransomware or other threats penetrate manufacturing, connected and Internet of Things (IoT) devices or other operational environments.
Deepen your relationship with the VP of manufacturing to better assign and align security responsibility, share data, create effective controls and integrate security-by-design into processes, products and services. You can help them add a security focus to their product and customer focus, thereby helping you better protect the company as its cyber digital transformation accelerates.
Align IT, OT to protect operations
7:00 PM: Dinner with VP of manufacturing
How CISOs and boards can prepare for the new era of cyber transparency
Annual Corporate Directors Survey findings for 2021
Cybersecurity + geopolitical conflict: What boards and CEOs should know and act upon.
Learn more:
of directors said they felt they understood their company’s cyber vulnerabilities.
Only
33%
— PwC, 2021 Annual Corporate Directors Survey
Direct support where you need it
cISo
Your main stakeholders — not just regulators — want to know how you’re protecting the company. An informed board can be a key ally in getting you the institutional support you need. Rather than taking an approach that’s too high-level, you can focus on the specific threats — such as ransomware, supply chain compromises, zero-day vulnerabilities, cloud breaches and cyber attacks-at-scale — that your company may face.
A tabletop exercise can be a powerful tool to bring to life vulnerabilities, your plan to respond and any additional resources you may need to enhance defenses. Consider, too, explaining your incident response playbook and the state of your threat detection capabilities.
Direct support where you need it
3:00 PM: Presentation to the board
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Charting the course through a changing governance landscape
How CISOs and boards can prepare for the new era of cyber transparency
Cybersecurity + geopolitical conflict: What boards and CEOs should know and act upon
Learn more:
say their board effectively understands impacts regarding enterprise cyber risks.
Only
—PwC, 2023 Global Digital Trust Insights
Direct support where you
need it
cISo
37%
Your main stakeholders — not just regulators — want to know how you’re protecting the company. An informed board can be a key ally in getting you the institutional support you need. Rather than taking an approach that’s too high-level, you can focus on the specific threats — such as ransomware, supply chain compromises, zero-day vulnerabilities, cloud breaches and cyber attacks-at-scale — that your company may face.
A tabletop exercise can be a powerful tool to bring to life vulnerabilities, your plan to respond and any additional resources you may need to enhance defenses. Consider, too, explaining your incident response playbook and the state of your threat detection capabilities.
Direct support where you need it
3:00 PM: Presentation to the board
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Securing critical infrastructure: Get ready as voluntary becomes mandatory
The next test of corporate resilience: How to manage risks from geopolitical and related crises
Learn more:
are very concerned about being able to withstand a cyber attack.
—PwC, 2023 Global Digital Trust Insights
Plan for cyber crisis management
cISo
56%
Tolerating or even actively fostering cyber threats has become part of the playbook of certain state actors worldwide. Assess the risks to your company, its assets and its supply chain from cyber threats in crisis zones and from hostile state actors.
To help gauge third-party risks to your operations, create or update a full inventory of vendors and subcontractors on which IT depends. Also consider building and strengthening relationships with national or local government agencies focused on cybersecurity.
Plan for
cyber crisis management
2:00 PM: Catch up on latest security news
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Build confidence in your cloud journey across the enterprise
Jump-start cloud adoption with cloud security
Learn more:
— PwC, 2023 Global Digital Trust Insights
of organizations are very confident they are secured against the common causes of cloud breaches.
Only
Secure cloud
19%
cISo
Moving to the cloud changes the nature of information security. Make sure your Chief Technology Officer understands the security risks that your company will continue to face during and after cloud transformation, such as keeping your data and intellectual property safe.
You also may wish to present the additional risks that a multi-cloud strategy might entail, as well as a plan to address them — such as a single solution to secure data across multiple clouds. Explain the benefits of automating parts of cloud security through secure cloud blueprints, hardened Infrastructure-as-Code (IaC) templates and tests to address vulnerabilities before release.
Secure cloud
1:00 PM: Meet with CTO on cloud security
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
PwC & Microsoft Security Perspectives: Reduce application bloat and trim costs with portfolio rationalization
Learn more:
of tech leaders expect a rise in ransomware attacks in the coming year.
— PwC, 2023 Global Digital Trust Insights
Standardize and automate cyber tech
45%
cISo
It’s usually a better idea to simplify and standardize cyber, rather than chasing after the latest technology fix. By standardizing cyber, you can help make it more feasible to deploy cyber leading practices across the company — including in different regulatory jurisdictions. That can also make it easier to automate more of cyber, which may help cut costs and reduce business friction.
Verify that your vendor can help support simplification, either by unifying your tools on a single technology stack or working with your current stack. Ideally, solutions should also support “zero-trust security”: a suite of tools that continually authenticates and verifies each user, device, action and transaction.
Standardize and automate cyber tech
12:00 PM: Lunch with vendor
— PwC, 2023 Global Digital Trust Insights
of executives say their companies now fund cybersecurity as a percentage of tech spending, including operational technology (OT) and automation.
Identify and optimize resources
40%
cISO
Building digital trust: The partnership of leadership and operations
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Get smart on cyber investment strategies
Learn more:
Partner with your CFO and CIO to help transform cybersecurity so that you’re not just playing defense, but rather developing a big-picture plan to help reduce costs, grow revenue and stay ahead of emerging threats. Work with the CIO to cut costs and enhance defenses by eliminating overlapping capabilities, improving technology integration and increasing visibility.
For example, you may need to catalog your digital assets and identify end points that should be patched, retired or upgraded. Plan to present the CFO with a data-driven approach to investment: You can assess current and emerging threats systematically — and quantify the impact of a possible breach — with the help of cyber risk quantification.
Together, the three of you can work out an approach that aligns your cyber resources, risks and exposures. The result should be cybersecurity that secures your company’s foundations and also supports the business by improving the customer experience, the employee experience and even speed to market.
Identify and optimize resources
11:00 AM: Meet with CFO and CIO
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
The complexity of trust: PwC's Trust in US Business Survey
How CISOs and boards can prepare for the new era of cyber transparency
Learn more:
of executives feel highly confident that they can effectively meet all disclosure requirements.
Only
— PwC, 2023 Global Digital Trust Insights
Make cyber more transparent
9%
CISO
Are you prepared to report on cyber breaches within 72 hours? It’s just one of many growing demands for transparency coming from a new law and an SEC proposal. Failure to comply could lead not just to fines, but also to reputational damage.
To meet the new requirements, work with your Chief Risk Officer, your general counsel and other senior executives. Your goal is to create an accurate, compelling narrative, set priorities and identify which rules will require concrete changes in your cyber risk management practices. Also consider how cybersecurity can plug into teams responsible for external reporting and how stakeholders may react to disclosures.
Make cyber more transparent
10:30 AM: Meet with CRO
Securing America’s infrastructure
Securing America’s infrastructure
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Learn more:
— PwC, 2023 Global Digital Trust Insights
of executives expect an increase in cybersecurity spending
Drive cyber-business alignment
65%
cISo
Seize this moment — when many leaders have named cyber threats as a top concern — to enable cybersecurity to more effectively support your company’s growth. Help business unit leaders understand security priorities, cyber leading practices and how to create a company-wide culture of cybersecurity. Ask for their help in designing — and securing funding for — cyber tools and processes that can help reduce friction for the business.
To help support ongoing collaboration, explain some of the innovative approaches and technologies that can help automate cybersecurity to cut costs and provide more speed for the business. To drive ever-closer alignment between cyber and business strategy, set up regular discussions.
Drive cyber-business alignment
9:30 AM: Meet with business unit president
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
PwC & Microsoft Security Perspectives: Uncover the risks that lurk in your supply chains
How well do you know the risks posed by your third parties and supply chain?
Learn more:
—PwC, 2023 Global Digital Trust Insights
of senior executives say they have fully mitigated the risks their bold moves incurred.
Fewer than
Build cyber resilience
40%
cISO
For security in an interconnected world, it’s imperative to build technological and operational resilience that addresses possible third-party risks. You’ll need to be ready to protect critical assets, decrease downtime for core business processes, address regulatory implications and support a quick recovery.
That requires more than just assessing and mitigating the impact. You’ll likely also need to engage with the third party to understand its response. You can then update senior management and the board and issue cyber-breach reports as the new law requires. Consider, too, applying lessons learned through metrics reporting, enhanced training and renewed awareness of dependencies.
Build cyber resilience
7:30 AM: News of supplier breach
If you’re a cybersecurity leader, odds are you’re getting a lot of attention from every corner of the business these days. As remote work grows, digital transformation accelerates, geopolitical challenges escalate and regulations change, everyone wants to know what you’re doing to protect your company and build long-term cyber resilience: Are you setting up a foundation for long-term growth in the face of potential breaches, ransomware attacks and other threats?
Here are some of the challenges that may fill your calendar on a typical day — and some ideas for how to navigate them to meet your growth goals.
If you’re a CISO, you have a packed agenda. Here’s what your day may look like
What’s important to CISOs in 2023
Topics shaping the cybersecurity agenda
Protect operations
Protect operations
Board relationships
Board relationships
Build board relationships
Build board relationships
Plan for crisis response
Plan for crisis response
Secure cloud
Secure cloud
Automate cyber
Automate cyber
Make cyber-smart investments
Make cyber-smart investments
Increase cyber transparency
Increase cyber transparency
Drive cyber-business alignment
Drive cyber-business alignment
Build cyber resilience
Build cyber resilience
A C-suite united on cyber-ready futures
Explore findings from the 2023 Global Digital Trust Insights
Manufacturers ramp up cyber defenses as supply-chain bottlenecks—and vulnerabilities—deepen
Learn more:
cISO
of sector leaders anticipate an increase in reportable incidents occurring at the supply chain software level.
58%
— PwC, 2022 Global Digital Trust Insights, October 2021.
Align IT, OT to protect operations
Despite your IT responsibilities, you’re limited in how you can protect some of your company’s most vulnerable environments in operations technology (OT). Often, control of these technology tools is not in your hands. Yet the damage could be severe if ransomware or other threats penetrate manufacturing, connected and Internet of Things (IoT) devices or other operational environments.
Deepen your relationship with the VP of manufacturing to better assign and align security responsibility, share data, create effective controls and integrate security-by-design into processes, products and services. You can help them add a security focus to their product and customer focus, thereby helping you better protect the company as its cyber digital transformation accelerates.
Align IT, OT to protect operations
7:00 PM: Dinner with VP of manufacturing
How CISOs and boards can prepare for the new era of cyber transparency
Annual Corporate Directors Survey findings for 2021
Cybersecurity + geopolitical conflict: What boards and CEOs should know and act upon.
Learn more:
cISO
of directors said they felt they understood their company’s cyber vulnerabilities.
Only
33%
— PwC, 2021 Annual Corporate Directors Survey
Direct support where you need it
Your main stakeholders — not just regulators — want to know how you’re protecting the company. An informed board can be a key ally in getting you the institutional support you need. Rather than taking an approach that’s too high-level, you can focus on the specific threats — such as ransomware, supply chain compromises, zero-day vulnerabilities, cloud breaches and cyber attacks-at-scale — that your company may face.
A tabletop exercise can be a powerful tool to bring to life vulnerabilities, your plan to respond and any additional resources you may need to enhance defenses. Consider, too, explaining your incident response playbook and the state of your threat detection capabilities.
Direct support where you need it
3:00 PM: Presentation to the board
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Charting the course through a changing governance landscape
How CISOs and boards can prepare for the new era of cyber transparency
Cybersecurity + geopolitical conflict: What boards and CEOs should know and act upon
Learn more:
cISO
say their board effectively understands impacts regarding enterprise cyber risks.
Only
37%
—PwC, 2023 Global Digital Trust Insights
Direct support where you
need it
Your main stakeholders — not just regulators — want to know how you’re protecting the company. An informed board can be a key ally in getting you the institutional support you need. Rather than taking an approach that’s too high-level, you can focus on the specific threats — such as ransomware, supply chain compromises, zero-day vulnerabilities, cloud breaches and cyber attacks-at-scale — that your company may face.
A tabletop exercise can be a powerful tool to bring to life vulnerabilities, your plan to respond and any additional resources you may need to enhance defenses. Consider, too, explaining your incident response playbook and the state of your threat detection capabilities.
Direct support where you need it
3:00 PM: Presentation to the board
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Securing critical infrastructure: Get ready as voluntary becomes mandatory
The next test of corporate resilience: How to manage risks from geopolitical and related crises
Learn more:
cISO
are very concerned about being able to withstand a cyber attack.
56%
—PwC, 2023 Global Digital Trust Insights
Plan for cyber crisis management
Tolerating or even actively fostering cyber threats has become part of the playbook of certain state actors worldwide. Assess the risks to your company, its assets and its supply chain from cyber threats in crisis zones and from hostile state actors.
To help gauge third-party risks to your operations, create or update a full inventory of vendors and subcontractors on which IT depends. Also consider building and strengthening relationships with national or local government agencies focused on cybersecurity.
Plan for
cyber crisis management
2:00 PM: Catch up on latest security news
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Build confidence in your cloud journey across the enterprise
Jump-start cloud adoption with cloud security
Learn more:
cISO
— PwC, 2023 Global Digital Trust Insights
of organizations are very confident they are secured against the common causes of cloud breaches.
Only
Secure cloud
19%
Moving to the cloud changes the nature of information security. Make sure your Chief Technology Officer understands the security risks that your company will continue to face during and after cloud transformation, such as keeping your data and intellectual property safe.
You also may wish to present the additional risks that a multi-cloud strategy might entail, as well as a plan to address them — such as a single solution to secure data across multiple clouds. Explain the benefits of automating parts of cloud security through secure cloud blueprints, hardened Infrastructure-as-Code (IaC) templates and tests to address vulnerabilities before release.
Secure cloud
1:00 PM: Meet with CTO on cloud security
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
PwC & Microsoft Security Perspectives: Reduce application bloat and trim costs with portfolio rationalization
Learn more:
cISO
of tech leaders expect a rise in ransomware attacks in the coming year.
— PwC, 2023 Global Digital Trust Insights
Standardize and automate cyber tech
45%
It’s usually a better idea to simplify and standardize cyber, rather than chasing after the latest technology fix. By standardizing cyber, you can help make it more feasible to deploy cyber leading practices across the company — including in different regulatory jurisdictions. That can also make it easier to automate more of cyber, which may help cut costs and reduce business friction.
Verify that your vendor can help support simplification, either by unifying your tools on a single technology stack or working with your current stack. Ideally, solutions should also support “zero-trust security”: a suite of tools that continually authenticates and verifies each user, device, action and transaction.
Standardize and automate cyber tech
12:00 PM: Lunch with vendor
Building digital trust: The partnership of leadership and operations
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Get smart on cyber investment strategies
Learn more:
— PwC, 2023 Global Digital Trust Insights
of executives say their companies now fund cybersecurity as a percentage of tech spending, including operational technology (OT) and automation.
Identify and optimize resources
40%
cISO
Partner with your CFO and CIO to help transform cybersecurity so that you’re not just playing defense, but rather developing a big-picture plan to help reduce costs, grow revenue and stay ahead of emerging threats. Work with the CIO to cut costs and enhance defenses by eliminating overlapping capabilities, improving technology integration and increasing visibility.
For example, you may need to catalog your digital assets and identify end points that should be patched, retired or upgraded. Plan to present the CFO with a data-driven approach to investment: You can assess current and emerging threats systematically — and quantify the impact of a possible breach — with the help of cyber risk quantification.
Together, the three of you can work out an approach that aligns your cyber resources, risks and exposures. The result should be cybersecurity that secures your company’s foundations and also supports the business by improving the customer experience, the employee experience and even speed to market.
Identify and optimize resources
11:00 AM: Meet with CFO and CIO
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
The complexity of trust: PwC's Trust in US Business Survey
How CISOs and boards can prepare for the new era of cyber transparency
Learn more:
of executives feel highly confident that they can effectively meet all disclosure requirements.
Only
— PwC, 2023 Global Digital Trust Insights
Make cyber more transparent
9%
cISO
Are you prepared to report on cyber breaches within 72 hours? It’s just one of many growing demands for transparency coming from a new law and an SEC proposal. Failure to comply could lead not just to fines, but also to reputational damage.
To meet the new requirements, work with your Chief Risk Officer, your general counsel and other senior executives. Your goal is to create an accurate, compelling narrative, set priorities and identify which rules will require concrete changes in your cyber risk management practices. Also consider how cybersecurity can plug into teams responsible for external reporting and how stakeholders may react to disclosures.
Make cyber more transparent
10:30 AM: Meet with CRO
Securing America’s infrastructure
Securing America’s infrastructure
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Learn more:
— PwC, 2023 Global Digital Trust Insights
of executives expect an increase in cybersecurity spending
Drive cyber-business alignment
65%
cISO
Seize this moment — when many leaders have named cyber threats as a top concern — to enable cybersecurity to more effectively support your company’s growth. Help business unit leaders understand security priorities, cyber leading practices and how to create a company-wide culture of cybersecurity. Ask for their help in designing — and securing funding for — cyber tools and processes that can help reduce friction for the business.
To help support ongoing collaboration, explain some of the innovative approaches and technologies that can help automate cybersecurity to cut costs and provide more speed for the business. To drive ever-closer alignment between cyber and business strategy, set up regular discussions.
Drive
cyber-business alignment
9:30 AM: Meet with business unit president
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
PwC & Microsoft Security Perspectives: Uncover the risks that lurk in your supply chains
How well do you know the risks posed by your third parties and supply chain?
Learn more:
—PwC, 2023 Global Digital Trust Insights
of senior executives say they have fully mitigated the risks their bold moves incurred.
Fewer than
Build cyber resilience
40%
cISO
For security in an interconnected world, it’s imperative to build technological and operational resilience that addresses possible third-party risks. You’ll need to be ready to protect critical assets, decrease downtime for core business processes, address regulatory implications and support a quick recovery.
That requires more than just assessing and mitigating the impact. You’ll likely also need to engage with the third party to understand its response. You can then update senior management and the board and issue cyber-breach reports as the new law requires. Consider, too, applying lessons learned through metrics reporting, enhanced training and renewed awareness of dependencies.
Build cyber resilience
7:30 AM: News of supplier breach
If you’re a cybersecurity leader, odds are you’re getting a lot of attention from every corner of the business these days. As remote work grows, digital transformation accelerates, geopolitical challenges escalate and regulations change, everyone wants to know what you’re doing to protect your company and build long-term cyber resilience: Are you setting up a foundation for long-term growth in the face of potential breaches, ransomware attacks and other threats?
Here are some of the challenges that may fill your calendar on a typical day — and some ideas for how to navigate them to meet your growth goals.
If you’re a CISO, you have a packed agenda. Here’s what your day may look like
Topics shaping the cybersecurity agenda
What’s important to CISOs in 2023
Protect operations
Protect operations
Board relationships
Board relationships
Build board relationships
Build board relationships
Plan for crisis response
Plan for crisis response
Secure cloud
Secure cloud
Automate cyber
Automate cyber
Make cyber-smart investments
Make cyber-smart investments
Increase cyber transparency
Increase cyber transparency
Drive cyber-business alignment
Drive cyber-business alignment
Build cyber resilience
Build cyber resilience
A C-suite united on cyber-ready futures
Explore findings from the 2023 Global Digital Trust Insights
Manufacturers ramp up cyber defenses as supply-chain bottlenecks—and vulnerabilities—deepen
Learn more:
cISO
of sector leaders anticipate an increase in reportable incidents occurring at the supply chain software level.
58%
— PwC, 2022 Global Digital Trust Insights, October 2021.
Align IT, OT to protect operations
Despite your IT responsibilities, you’re limited in how you can protect some of your company’s most vulnerable environments in operations technology (OT). Often, control of these technology tools is not in your hands. Yet the damage could be severe if ransomware or other threats penetrate manufacturing, connected and Internet of Things (IoT) devices or other operational environments.
Deepen your relationship with the VP of manufacturing to better assign and align security responsibility, share data, create effective controls and integrate security-by-design into processes, products and services. You can help them add a security focus to their product and customer focus, thereby helping you better protect the company as its cyber digital transformation accelerates.
Align IT, OT to protect operations
7:00 PM: Dinner with VP of manufacturing
How CISOs and boards can prepare for the new era of cyber transparency
Annual Corporate Directors Survey findings for 2021
Cybersecurity + geopolitical conflict: What boards and CEOs should know and act upon.
Learn more:
cISO
of directors said they felt they understood their company’s cyber vulnerabilities.
Only
33%
— PwC, 2021 Annual Corporate Directors Survey
Direct support where you need it
Your main stakeholders — not just regulators — want to know how you’re protecting the company. An informed board can be a key ally in getting you the institutional support you need. Rather than taking an approach that’s too high-level, you can focus on the specific threats — such as ransomware, supply chain compromises, zero-day vulnerabilities, cloud breaches and cyber attacks-at-scale — that your company may face.
A tabletop exercise can be a powerful tool to bring to life vulnerabilities, your plan to respond and any additional resources you may need to enhance defenses. Consider, too, explaining your incident response playbook and the state of your threat detection capabilities.
Direct support where you need it
3:00 PM: Presentation to the board
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Charting the course through a changing governance landscape
How CISOs and boards can prepare for the new era of cyber transparency
Cybersecurity + geopolitical conflict: What boards and CEOs should know and act upon
Learn more:
cISO
say their board effectively understands impacts regarding enterprise cyber risks.
Only
37%
—PwC, 2023 Global Digital Trust Insights
Direct support where you
need it
Your main stakeholders — not just regulators — want to know how you’re protecting the company. An informed board can be a key ally in getting you the institutional support you need. Rather than taking an approach that’s too high-level, you can focus on the specific threats — such as ransomware, supply chain compromises, zero-day vulnerabilities, cloud breaches and cyber attacks-at-scale — that your company may face.
A tabletop exercise can be a powerful tool to bring to life vulnerabilities, your plan to respond and any additional resources you may need to enhance defenses. Consider, too, explaining your incident response playbook and the state of your threat detection capabilities.
Direct support where you need it
3:00 PM: Presentation to the board
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Securing critical infrastructure: Get ready as voluntary becomes mandatory
The next test of corporate resilience: How to manage risks from geopolitical and related crises
Learn more:
cISO
are very concerned about being able to withstand a cyber attack.
56%
—PwC, 2023 Global Digital Trust Insights
Plan for cyber crisis management
Tolerating or even actively fostering cyber threats has become part of the playbook of certain state actors worldwide. Assess the risks to your company, its assets and its supply chain from cyber threats in crisis zones and from hostile state actors.
To help gauge third-party risks to your operations, create or update a full inventory of vendors and subcontractors on which IT depends. Also consider building and strengthening relationships with national or local government agencies focused on cybersecurity.
Plan for
cyber crisis management
2:00 PM: Catch up on latest security news
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Build confidence in your cloud journey across the enterprise
Jump-start cloud adoption with cloud security
Learn more:
cISO
— PwC, 2023 Global Digital Trust Insights
of organizations are very confident they are secured against the common causes of cloud breaches.
Only
Secure cloud
19%
Moving to the cloud changes the nature of information security. Make sure your Chief Technology Officer understands the security risks that your company will continue to face during and after cloud transformation, such as keeping your data and intellectual property safe.
You also may wish to present the additional risks that a multi-cloud strategy might entail, as well as a plan to address them — such as a single solution to secure data across multiple clouds. Explain the benefits of automating parts of cloud security through secure cloud blueprints, hardened Infrastructure-as-Code (IaC) templates and tests to address vulnerabilities before release.
Secure cloud
1:00 PM: Meet with CTO on cloud security
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
PwC & Microsoft Security Perspectives: Reduce application bloat and trim costs with portfolio rationalization
Learn more:
cISO
of tech leaders expect a rise in ransomware attacks in the coming year.
— PwC, 2023 Global Digital Trust Insights
Standardize and automate cyber tech
45%
It’s usually a better idea to simplify and standardize cyber, rather than chasing after the latest technology fix. By standardizing cyber, you can help make it more feasible to deploy cyber leading practices across the company — including in different regulatory jurisdictions. That can also make it easier to automate more of cyber, which may help cut costs and reduce business friction.
Verify that your vendor can help support simplification, either by unifying your tools on a single technology stack or working with your current stack. Ideally, solutions should also support “zero-trust security”: a suite of tools that continually authenticates and verifies each user, device, action and transaction.
Standardize and automate cyber tech
12:00 PM: Lunch with vendor
Building digital trust: The partnership of leadership and operations
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Get smart on cyber investment strategies
Learn more:
— PwC, 2023 Global Digital Trust Insights
of executives say their companies now fund cybersecurity as a percentage of tech spending, including operational technology (OT) and automation.
Identify and optimize resources
40%
cISO
Partner with your CFO and CIO to help transform cybersecurity so that you’re not just playing defense, but rather developing a big-picture plan to help reduce costs, grow revenue and stay ahead of emerging threats. Work with the CIO to cut costs and enhance defenses by eliminating overlapping capabilities, improving technology integration and increasing visibility.
For example, you may need to catalog your digital assets and identify end points that should be patched, retired or upgraded. Plan to present the CFO with a data-driven approach to investment: You can assess current and emerging threats systematically — and quantify the impact of a possible breach — with the help of cyber risk quantification.
Together, the three of you can work out an approach that aligns your cyber resources, risks and exposures. The result should be cybersecurity that secures your company’s foundations and also supports the business by improving the customer experience, the employee experience and even speed to market.
Identify and optimize resources
11:00 AM: Meet with CFO and CIO
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
The complexity of trust: PwC's Trust in US Business Survey
How CISOs and boards can prepare for the new era of cyber transparency
Learn more:
of executives feel highly confident that they can effectively meet all disclosure requirements.
Only
— PwC, 2023 Global Digital Trust Insights
Make cyber more transparent
9%
cISO
Are you prepared to report on cyber breaches within 72 hours? It’s just one of many growing demands for transparency coming from a new law and an SEC proposal. Failure to comply could lead not just to fines, but also to reputational damage.
To meet the new requirements, work with your Chief Risk Officer, your general counsel and other senior executives. Your goal is to create an accurate, compelling narrative, set priorities and identify which rules will require concrete changes in your cyber risk management practices. Also consider how cybersecurity can plug into teams responsible for external reporting and how stakeholders may react to disclosures.
Make cyber more transparent
10:30 AM: Meet with CRO
Securing America’s infrastructure
Securing America’s infrastructure
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Learn more:
— PwC, 2023 Global Digital Trust Insights
of executives expect an increase in cybersecurity spending
Drive cyber-business alignment
65%
cISO
Seize this moment — when many leaders have named cyber threats as a top concern — to enable cybersecurity to more effectively support your company’s growth. Help business unit leaders understand security priorities, cyber leading practices and how to create a company-wide culture of cybersecurity. Ask for their help in designing — and securing funding for — cyber tools and processes that can help reduce friction for the business.
To help support ongoing collaboration, explain some of the innovative approaches and technologies that can help automate cybersecurity to cut costs and provide more speed for the business. To drive ever-closer alignment between cyber and business strategy, set up regular discussions.
Drive
cyber-business alignment
9:30 AM: Meet with business unit president
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
PwC & Microsoft Security Perspectives: Uncover the risks that lurk in your supply chains
How well do you know the risks posed by your third parties and supply chain?
Learn more:
—PwC, 2023 Global Digital Trust Insights
of senior executives say they have fully mitigated the risks their bold moves incurred.
Fewer than
Build cyber resilience
40%
cISO
For security in an interconnected world, it’s imperative to build technological and operational resilience that addresses possible third-party risks. You’ll need to be ready to protect critical assets, decrease downtime for core business processes, address regulatory implications and support a quick recovery.
That requires more than just assessing and mitigating the impact. You’ll likely also need to engage with the third party to understand its response. You can then update senior management and the board and issue cyber-breach reports as the new law requires. Consider, too, applying lessons learned through metrics reporting, enhanced training and renewed awareness of dependencies.
Build cyber resilience
7:30 AM: News of supplier breach
If you’re a cybersecurity leader, odds are you’re getting a lot of attention from every corner of the business these days. As remote work grows, digital transformation accelerates, geopolitical challenges escalate and regulations change, everyone wants to know what you’re doing to protect your company and build long-term cyber resilience: Are you setting up a foundation for long-term growth in the face of potential breaches, ransomware attacks and other threats?
Here are some of the challenges that may fill your calendar on a typical day — and some ideas for how to navigate them to meet your growth goals.
If you’re a CISO, you have a packed agenda. Here’s what your day may look like
Topics shaping the cybersecurity agenda
What’s important to CISOs in 2023
A C-suite united on cyber-ready futures
Explore findings from the 2023 Global Digital Trust Insights
10. Protect operations
9. Board relationships
Build board relationships
Plan for crisis response
Secure cloud
Automate cyber
Make cyber-smart investments
Increase cyber transparency
Drive cyber-business alignment
Build cyber resilience
Content
Executive leadership hub
COO
CMO
CISO
CIO
CFO
Other executives
Other executives
Resilience
Resilience
Cyber-business alignment
Cyber-business alignment
Talent strategy
Talent strategy
Cyber transparency
Cyber transparency
Smart cyber investments
Smart cyber investments
For security in an interconnected world, it’s imperative to build technological and operational resilience that addresses possible third-party risks. You’ll need to be ready to protect critical assets, decrease downtime for core business processes, address regulatory implications and support a quick recovery.
That requires more than just assessing and mitigating the impact. You’ll likely also need to engage with the third party to understand its response. You can then update senior management and the board and issue cyber-breach reports as the new law requires. Consider, too, applying lessons learned through metrics reporting, enhanced training and renewed awareness of dependencies.
Build cyber resilience
—PwC, 2022 Global Digital Trust Insights, October 2021
of organizations haven’t yet done a formal assessment of third-party risks.
Build cyber resilience
60%
cISO
Learn more:
Seize this moment — when many leaders have named cyber threats as a top concern — to enable cybersecurity to more effectively support your company’s growth. Help business unit leaders understand security priorities, cyber leading practices and how to create a company-wide culture of cybersecurity. Ask for their help in designing — and securing funding for — cyber tools and processes that can help reduce friction for the business.
To help support ongoing collaboration, explain some of the innovative approaches and technologies that can help automate cybersecurity to cut costs and provide more speed for the business. To drive ever-closer alignment between cyber and business strategy, set up regular discussions.
Drive cyber-business alignment
—PwC, 2022 Global Digital Trust Insights, October 2021
of organizations predict a rise in cyber spending in 2022.
Drive cyber-business alignment
69%
cISo
2022 Global Digital Trust Insights Survey
Learn more:
If you’re like most CISOs, you’re looking to expand your team, but talent is scarce and expensive. You also may need to upskill your existing team to meet new threats around artificial intelligence, digital assets and more. Cyber-managed services can often fill the gaps, but without careful oversight, these external partners may introduce new risks.
When hiring new talent, consider your approach to recruiting. Can you look beyond candidates with technical backgrounds — many cyber roles don’t require coding experience — and reach out to new geographies that remote work has made accessible? You should also discuss options for partnerships with cyber managed services providers. If you choose that route, which can be highly effective in filling skill gaps, you’ll want to carefully assess the controls and risk management processes that you and your provider have in place.
Find cyber talent and nurture it
fewer candidates are available than are needed in the cyber field.
—PwC, 2021 Global Digital Trust Insights
Find cyber talent and nurture it
50%
CISO
Using upskilling to solve the cybersecurity talent shortage
Learn more:
Are you prepared to report on cyber breaches within 72 hours? It’s just one of many growing demands for transparency coming from a new law and an SEC proposal. Failure to comply could lead not just to fines, but also to reputational damage.
To meet the new requirements, work with your Chief Risk Officer, your general counsel and other senior executives. Your goal is to create an accurate, compelling narrative, set priorities and identify which rules will require concrete changes in your cyber risk management practices. Also consider how cybersecurity can plug into teams responsible for external reporting and how stakeholders may react to disclosures.
Make cyber more transparent
—PwC, Trust in Business Survey, 2021
of consumers and employees agree that data protection and cybersecurity are foundational to trust, making it the top element of trust.
Make cyber more transparent
62%
cISO
PwC's Trust in US Business Survey
How CISOs and boards can prepare for the new era of cyber transparency
Learn more:
of C-Suite leaders plan to increase investment in cyber and/or privacy.
—PwC Pulse Survey, August 2022
Identify and optimize resources
49%
cISo
Partner with your CFO and CIO to help transform cybersecurity so that you’re not just playing defense, but rather developing a big-picture plan to help reduce costs, grow revenue and stay ahead of emerging threats. Work with the CIO to cut costs and enhance defenses by eliminating overlapping capabilities, improving technology integration and increasing visibility.
For example, you may need to catalog your digital assets and identify end points that should be patched, retired or upgraded. Plan to present the CFO with a data-driven approach to investment: You can assess current and emerging threats systematically — and quantify the impact of a possible breach — with the help of cyber risk quantification.
Together, the three of you can work out an approach that aligns your cyber resources, risks and exposures. The result should be cybersecurity that secures your company’s foundations and also supports the business by improving the customer experience, the employee experience and even speed to market.
Identify and optimize resources
Get smart on cyber investment strategies
Learn more:
It’s usually a better idea to simplify and standardize cyber, rather than chasing after the latest technology fix. By standardizing cyber, you can help make it more feasible to deploy cyber leading practices across the company — including in different regulatory jurisdictions. That can also make it easier to automate more of cyber, which may help cut costs and reduce business friction.
Verify that your vendor can help support simplification, either by unifying your tools on a single technology stack or working with your current stack. Ideally, solutions should also support “zero-trust security”: a suite of tools that continually authenticates and verifies each user, device, action and transaction.
Standardize and automate cyber tech
PwC & Microsoft Security Perspectives: Reduce application bloat and trim costs with portfolio rationalization
Learn more:
—PwC, 2022 Global Digital Trust Insights, October 2021
of C-suite respondents say too much unnecessary organizational complexity poses “concerning” cyber and privacy risks.
Standardize and automate cyber tech
75%
cISo
Automated cyber
Automated cyber
Cloud security
Cloud security
Crisis response
Crisis response
Board relationships
Board relationships
Protect operations
Protect operations
If you’re a cybersecurity leader, odds are you’re getting a lot of attention from every corner of the business these days. As remote work grows, digital transformation accelerates, geopolitical challenges escalate and regulations change, everyone wants to know what you’re doing to protect your company and build long-term cyber resilience: Are you setting up a foundation for long-term growth in the face of potential breaches, ransomware attacks and other threats?
Here are some of the challenges that may fill your calendar on a typical day — and some ideas for how to navigate them to meet your growth goals.
If you’re a CISO, you have a packed agenda. Here’s what your day may include.
What’s important to CISOs in 2023
Topics shaping the cybersecurity agenda
7:30 AM: News of supplier breach
How well do you know the risks posed by your third parties and supply chain?
PwC & Microsoft Security Perspectives: Uncover the risks that lurk in your supply chains
8:30 AM: Meet with business unit president
Securing America’s infrastructure
9:30 AM: Interview prospective cyber VP
In the US,
Privacy megatrend: Privacy engineering talent shortage
10:30 AM: Meet with CRO
11:00 AM: Meet with CFO and CIO
Building digital trust: The partnership of leadership and operations
12:00 PM: Lunch with vendor
Cloud compliance and cloud security
Jump-start cloud adoption with cloud security
Learn more:
Companies whose cloud transformations are lagging put innovation and growth at risk.
— Jump-start cloud adoption with cloud security, pwc.com
Secure cloud
cISo
Moving to the cloud changes the nature of information security. Make sure your Chief Technology Officer understands the security risks that your company will continue to face during and after cloud transformation, such as keeping your data and intellectual property safe.
You also may wish to present the additional risks that a multi-cloud strategy might entail, as well as a plan to address them — such as a single solution to secure data across multiple clouds. Explain the benefits of automating parts of cloud security through secure cloud blueprints, hardened Infrastructure-as-Code (IaC) templates and tests to address vulnerabilities before release.
Secure cloud
1:00 PM: Meet with CTO on cloud security
Global Economic Crime and Fraud Survey 2022: US highlights
The next test of corporate resilience: How to manage risks from geopolitical and related crises
Learn more:
Today, in our world of uncertainty, resilience is the value proposition to stakeholders.
— The next test of corporate resilience, pwc.com
Cyber crisis management
cISo
Tolerating or even actively fostering cyber threats has become part of the playbook of certain state actors worldwide. Assess the risks to your company, its assets and its supply chain from cyber threats in crisis zones and from hostile state actors.
To help gauge third-party risks to your operations, create or update a full inventory of vendors and subcontractors on which IT depends. Also consider building and strengthening relationships with national or local government agencies focused on cybersecurity.
Plan for cyber crisis management
2:00 PM: Catch up on latest security news
Securing critical infrastructure: Get ready as voluntary becomes mandatory
How CISOs and boards can prepare for the new era of cyber transparency
Annual Corporate Directors Survey findings for 2021
Cybersecurity + geopolitical conflict: What boards and CEOs should know and act upon.
Learn more:
of directors said they felt they understood their company’s cyber vulnerabilities.
— PwC, 2021 Annual Corporate Directors Survey
Direct support where you need it
cISo
Your main stakeholders — not just regulators — want to know how you’re protecting the company. An informed board can be a key ally in getting you the institutional support you need. Rather than taking an approach that’s too high-level, you can focus on the specific threats — such as ransomware, supply chain compromises, zero-day vulnerabilities, cloud breaches and cyber attacks-at-scale — that your company may face.
A tabletop exercise can be a powerful tool to bring to life vulnerabilities, your plan to respond and any additional resources you may need to enhance defenses. Consider, too, explaining your incident response playbook and the state of your threat detection capabilities.
Direct support where you need it
3:00 PM: Presentation to the board
33%
Only
Manufacturers ramp up cyber defenses as supply-chain bottlenecks—and vulnerabilities—deepen
Learn more:
of sector leaders anticipate an increase in reportable incidents occurring at the supply chain software level.
58%
— PwC, 2022 Global Digital Trust Insights, October 2021.
Align IT, OT to protect operations
cISo
Despite your IT responsibilities, you’re limited in how you can protect some of your company’s most vulnerable environments in operations technology (OT). Often, control of these technology tools is not in your hands. Yet the damage could be severe if ransomware or other threats penetrate manufacturing, connected and Internet of Things (IoT) devices or other operational environments.
Deepen your relationship with the VP of manufacturing to better assign and align security responsibility, share data, create effective controls and integrate security-by-design into processes, products and services. You can help them add a security focus to their product and customer focus, thereby helping you better protect the company as its cyber digital transformation accelerates.
Align IT, OT to protect operations
7:00 PM: Dinner with VP of manufacturing
PwC Pulse Survey: Managing business risks
cISO
cISO
cISO
cISO
cISO
cISO
cISO
cISO
cISO
6. Automated cyber
5. Cyber-smart investments
4. Cyber transparency
3. Talent strategy
2. Cyer-business alignment
1. Resiliance
Content
7. Cloud security
8. Crisis response
9. Board relationships
10. Protect operations
A C-suite united on cyber-ready futures
Explore findings from the 2023 Global Digital Trust Insights
Section 5 CTA 2
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Building digital trust: The partnership of leadership and operations
Build confidence in your cloud journey across the enterprise
2023 Global Digital Trust Insights: A C-suite united on cyber-ready futures
Executive leadership hub
COO
CISO
CIO
CFO
Other executives
Other executives