Digital Trust Insights 2021Cybersecurity comes of age

Central & Eastern Europe (CEE)

21 October 2020

| 1

Speaking today

Nick KósCEO, PwC Central & Eastern Europe

Magdalena Skorupa Cyber Risk & Compliance Director, Reckitt Benckiser

Grant WaterfallCybersecurity & Privacy Leader,PwC EMEA

Petr SpirikCybersecurity & Privacy Leader,PwC Czech Republic

Piotr UrbanCybersecurity & Privacy Leader, PwC Poland and Central & Eastern Europe

Cybersecurity comes of age - Global DTI 2021 2

Agenda

Welcome by Piotr Urban | Cybersecurity Leader, PwC Central & Eastern Europe 5 min1.

Opening remarks by Nick Kós | CEO, PwC Central & Eastern Europe 10 min2.

Panel discussion | moderated by Piotr Urban

Magdalena Skorupa | Cyber Risk & Compliance Director, Reckitt Benckiser Grant Waterfall | Cybersecurity & Privacy Leader, PwC EMEAPetr Spirik | Cybersecurity & Privacy Leader, PwC Czech Republic

30 min3.

Q&A4.

Wrap up and close5. 5 min

10 min

Cybersecurity comes of age - Global DTI 2021 3

The 2021 Global Digital Trust Insights (DTI) report is a survey of 3,249 business, technology, and security executives (CEOs, corporate directors, CFOs, CISOs, CIOs, and C-Suite officers) conducted in July and August 2020.

28% Female, 71% Male

About Digital Trust Insights 2021

Respondents operate in a range of industries:

All regions were represented, with Europe having 38% of respondents (Western and Eastern combined).

Technology, media, telecom (22%)

Retail and consumer markets (20%)

Financial services (19%)

Industrial manufacturing (19%)

Health (8%)

Energy, utilities, and resources (8%)

32%Less than 1,000

54%1,000-50,000

9%50,000-100,000

In terms of size of organisations measured by no. of employees:

Cybersecurity comes of age - Global DTI 2021 4

Business and Tech/Security Leaders voiced their views, coming from a range of industries, regions and sizes of organisations

About Digital Trust Insights 2021Cybersecurity comes of age - Global DTI 2021 5

Cybersecurity comes of ageGlobal DTI 2021

What’s Next in Cybersecurity

Nick Kós - PwC CEE CEO

6

Cybersecurity comes of age

Businesses are changing and their ambitions are rising

40%say they’re accelerating digitization

21%are changing/redefining their core business model

29%have ambition to be more efficient

31%are modernizing with new capabilities

35%say they’re speeding up automation to cut costs

18%are breaking into new markets or industries

(both categories have doubled since our survey last year)

Cybersecurity comes of age - Global DTI 2021 7

Five moves to get to the next level

Cybersecurity response to these new times:

1. Reset your cyber strategy and evolve leadership

2. Rethink your cyber budget to get more out of it

3. Invest in every advantage to level the playing field with attackers

4. Build resilience for any scenario

5. Future-proof your security team

Cybersecurity comes of age - Global DTI 2021 8

Reset your cyber strategy and evolve leadership to these new times

New times also call for new CISO leadership and evolving to the needs of business.

40% of executives say they need the CISO to be a Transformational leader (20%) or an Operational leader and master tactician (20%). Other roles indicated included Experienced officer (16%), Enterprise risk authority (15%), and Data value creator and protector (12%).

Some CISOs already inhabit these roles, and are exhibiting three qualities most prized by executives:

● Strategic thinking (38%)● Ability to take smart risks (38%)● Leadership skills (36%)

Almost all organisations (96%) plan shifts in their cybersecurity strategy as a result of COVID-19, with 50% planning to bake cybersecurity and privacy into every business decision

Q3: Which of the following changes are most likely to be impacts of the COVID-19 experience on cybersecurity in your industry? Base: 3249 (Multi-Select)

Cybersecurity comes of age - Global DTI 2021 9

NET: Decrease

26%

NET: Increase

55%

More than half (55%) of business and tech/security executives lack confidence that cybersecurity spending is aligned to the most significant risks. Or that budgets provide the resources needed for a severe cyber event (55%).

53% lack confidence that their current cybersecurity budgets link to overall budgets in a strategic, risk-aligned, and data-driven way.

More than one-third strongly agree that organisations can strengthen their cybersecurity posture while containing costs - thanks to automation and rationalisation of tech.

Nearly 60% are beginning to quantify risks or have implemented at scale, and nearly everyone else plans to begin risk quantification within the next two years. B2c How is your cyber budget changing in 2021? Base: 1414

Asked to Chief Information Officer (CIO), Chief Technology Officer (CTO), Chief Security Officer (CSO), Chief Information Security Officer (CISO), VP of Cybersecurity, Director of Cybersecurity, Information Security Director, Information Technology Director, Head of IT

Over half of organisations state that their cybersecurity budget will be increasing in 2021; still 26% will need to do more with less

Rethink your cyber budget to get more out of itCybersecurity comes of age - Global DTI 2021 10

C1 (b): How is headcount for your cybersecurity team changing in the next 12 months? Base 3249

Over half of businesses are making plans to increase their cybersecurity headcount in the next 12 months

Future-proof your security team

Businesses are hiring for a mix of analytical, technical and communication skills

C2 Which of the following skills are you looking for in your new hires in the next 12 months? Base: 3249 (Multi-Select)

Cybersecurity comes of age - Global DTI 2021 11

Cybersecurity comes of ageGlobal DTI 2021

Panel Discussion

Moderated by Piotr UrbanPwC Poland and CEE Cybersecurity Leader

1. Reset your cyber strategy, evolve leadership for these new times

Q3: Which of the following changes are most likely to be impacts of the COVID-19 experience on cybersecurity in your industry? Base: 3249 (Multi-Select)

C5 Which of the following skills in a CISO/cybersecurity leader will make the most difference to your organisation’s success in the next 12 months? Rank up to 5 Base 3249.

Cybersecurity comes of age - Global DTI 2021 13

Make the shift to business-driven cybersecurity strategy and let your CISO take on the larger role you need.

CISOs who understand the value at stake are securing digitalization at an accelerated pace

1. Reset your cyber strategy, evolve leadership for these new times

Cybersecurity comes of age - Global DTI 2021 14

2. Rethink your cyber budget to get more out of it

More than half of respondents report increasing cybersecurity budgets in 2021.

But 44% say that there should be a new process for cybersecurity budgeting…

...because more than half lack confidence that their cybersecurity spending:

- is allocated towards the most significant risks to the organization.- are linked to overall budgets in a strategic, risk-aligned, and data-driven way.- is focused on remediation, risk mitigation, and/or response techniques.- has adequate digital trust controls over emerging technologies

(like IoT, blockchain, robotic process automation or cloud)

Cybersecurity comes of age - Global DTI 2021 15

Business wants budgets that directly tie to business growth, digital transformation and better risk management

2. Rethink your cyber budget to get more out of it

Cybersecurity comes of age - Global DTI 2021 16

3. Invest in every advantage to level the playing field with attackers4. Build resilience for any scenarioHigh-likelihood, high-impact: are your investments addressing these?

Low-likelihood, high-impact: do you have tested resilience plans for these scenarios?

High likelihood-low impact: what’s your cybersecurity hygiene around these?

If you were to draw up a likelihood-impact grid on the cyber threats, actors, and events you face, what would it look like for your organization? And how is your cybersecurity spending allocated against these?

Cybersecurity comes of age - Global DTI 2021 17

The top-ranked outcomes desired in the next 2-3 years include increased prevention of successful attacks and faster response times to disruptions.

What the threat outlook for 2021 means for your resilience strategy

3. Invest in every advantage to level the playing field with attackers4. Build resilience for any scenario

Cybersecurity comes of age - Global DTI 2021 18

Over half plan to increase headcount in the next 12 months.

5. Future-proof your security teamWanted: 3.5 million people for 2021 cybersecurity jobs

Hiring

Companies are looking for future leaders — those with qualities that span digital skills, business acumen, and social skills. This is another evidence of greater business alignment by security teams.

Upskilling

With the severe shortage of talent, companies are “hiring from within”, applying upskilling 2.0 thinking to train current teams.

Cybersecurity comes of age - Global DTI 2021 19

An overwhelming majority — nearly 90 percent — of executives use or plan to use managed services. Eighteen percent say they’re already realizing benefits from managed services.

Managed services

Hiring, upskilling, and managed services to get the deep talent you need in this tight labor market

5. Future-proof your security team

Cybersecurity comes of age - Global DTI 2021 20

Q&A

CEE Digital Trust Insights Webcast 2021

Wrap up

CEE Digital Trust Insights Webcast 2021

Summary of what’s next in cybersecurity

1. Reset your cyber strategy and evolve leadership to these new times

2. Rethink your cyber budget to get more out of it

3. Invest in every advantage to level the playing field with attackers

4. Build resilience for any scenario

5. Future-proof your security team

23

More insights available Cybersecurity comes of age - Global DTI 2021 24

We would love to hear from you

Piotr UrbanCybersecurity & Privacy Leader PwC Poland and Central & Eastern Europe

piotr.urban@pwc.com

Join the discussion on social media: LinkedIn @PwC Central and Eastern Europe Twitter @PwCCEE

#BeCyberSmart #PwCCyber

Cybersecurity comes of age - Global DTI 2021

CEE Digital Trust Insights Webcast 2021

Thank you!