Businesses take risks by neglecting cyber response planning
Deloitte’s survey involved more than 400 chief information officers, chief information security officers, chief technology officers, and other senior executives of consumer product companies, restaurants and retailers. It found that just 30% – 40% of companies currently investing in platforms such as consumer analytics, cloud integration, connected products, and mobile payments, have mature programs in place to address related cyber risks.
“Some threats, such as credit card fraud and identity theft, are becoming all too familiar in today’s marketplace and can be significantly detrimental to customer trust and brand reputation,” says Deloitte. “Other risks, such as those related to food safety and intellectual property theft, appear to be escalating, leaving many businesses (and their customers) in unfamiliar territory.”
While more than three-quarters (76%) of respondents claimed they are highly confident in their ability to respond to a cyber incident, Deloitte’s research found they may be operating under a false sense of security.
More than eight out of ten of the executives surveyed (82%) said their organization had neither documented nor tested cyber response plans involving business stakeholders within the last year and less than half (46%) practice response to cyber threats. Among 25%, cyber funding was lacking and 21% said they lack clarity on cyber mandates, roles, and responsibilities.
According to Barb Renner, vice chairman, Deloitte LLP and U.S. consumer products leader, investment in advanced digital technologies without cyber resource planning is tantamount to “a one step forward, two steps back proposition”.
“Many of these technologies involve a broad set of data types that could expose consumers to much more than stolen credit cards and identity theft,” warned Renner. “Beyond customer data, the risks can range from protecting food safety in manufacturing and supply chains to intellectual property of new products and formulas. Allowing cyber response planning to lag can undercut the upside of investments in advanced digital technologies.”