The survey comes from Harvey Nash/KPMG CIO and it looks at company spend on IT systems orientated towards the two concerns of data privacy and data security. The organizations profiled have a combined annual cyber security spend of $46 billion.
The survey discovered that just under one quarter (23 percent) of the companies surveyed are pushing ahead with prioritizing improvements in cyber security. This is due to cybercrime threats showing no signs of abating. Simultaneously, companies are seeking to manage operational risk and compliance. For 12 percent of firms this is a significantly increased priority.
Put together, major companies face a dilemma. Customers want easier access to services, but this is an environment full of cyber risks. Customers also want improved insights and analytics, and yet there is mistrust from the public over what happens to their data and increased regulation, such as with General Data Protection Regulation (GDPR).
For more about the implications of GDRP, see the Digital Journal article “European business needs to get smart about data protection.”
Such are the requirements of GDPR, over one third (38 percent) of the companies polled said they were not fully GDPR compliant by the time the legislation came into force on May 25, 2018.
With cybersecurity, this was deemed to be very important by 77 percent of respondents. This is an increase from 71 percent, when the survey was previously run, back in 2017. Moreover just 22 percent of companies have assessed themselves as being sufficiently prepared for a cyberattack. One reason for this low level is due to a perceived lack of security and resilience skills among the workforce.
Furthermore, many companies are lacking a clear digital strategy. This is a mix of the application of new technologies to existing business activity and a focus on the enablement of new digital capabilities to their business.
Assessing the overall findings, Denis Berry, KPMG principal and U.S. CIO Advisory leader, in a communication provided to Digital Journal: “Technology disruption continues to play a significant role in today’s business environment and, while more CIOs understand the importance of implementing a digital strategy, most are still struggling with integrating digital into their core processes to address business goals.”