Over 82% of business executives in India foresee an increase in cybersecurity budgets in 2023: PwC survey

77% say cybercriminal activity is the biggest organisational threat, 62% highlight insider threat as a challenge

• One in four companies globally has suffered a data breach that cost it USD1–20 million or more in the past three years.
• 43% of Indian business executives say their organisation has yet to fully mitigate the risks associated with remote and hybrid work, while 61% state the same around risks associated with accelerated cloud adoption and 55%, around increased data volumes.
• Cloud-based pathways and the internet of things are top areas of concern in India, while globally, mobile devices are considered most unsecure.

New Delhi, 9 November 2022: One in four companies (27%) globally has suffered a data breach that cost USD1–20 million or more in the past three years. However, despite cyberattacks continuing to cost businesses millions of dollars, globally fewer than 40% of executives surveyed say they have fully mitigated cybersecurity risk exposure in a number of critical areas. In India, the figure is slightly better with over 50% respondents believing that they have fully mitigated the risks their bold moves incurred since 2020. This includes enabling remote and hybrid work (57% say the cyber risk is fully mitigated); accelerated cloud adoption (61%); increased use of the internet of things (67%); increased digitisation of supply chains (52%) and back office operations (56%). This is according to PwC’s annual Global Digital Trust Insights – India edition.

According to the survey, organisations across the globe worry about more threats and cyber events in 2023 – 65% of surveyed business executives feel cybercriminals will significantly affect their organisation in 2023 compared to 2022. In India, cloud-based pathways (59%) and the internet of things (58%) are top areas of concern, followed by mobile devices and software supply chains (54%). Globally, mobile devices are considered most unsecure (41%).

Sivarama Krishnan, Partner and APAC Cybersecurity Leader, PwC, said, ‘The digitalisation of business demands that corporates and boards invest in becoming more cyber resilient. This needs to be across the spectrum – in technology, people, processes and engineering capabilities. Our survey clearly reveals that organisations that have made cybersecurity a strategic priority have witnessed less disruption to business. Cyber resilience is not only key to survival of businesses but also a key driver of public trust."

According to the survey, 89% of Indian business executives say their organisation’s cybersecurity team detected a significant cyberthreat to business and prevented it from affecting their operations,

as against 70% globally. It also highlights that 83% Indian business executives say their organisation’s cybersecurity team has improved supply chain risk management.

The survey highlights that of all the risks affecting organisations, our India respondents consider a catastrophic cyberattack, a resurgence of COVID-19 or a new health crisis, and a new geopolitical conflict as the top three risks.

Most organisations are increasing their cyber budgets

The majority of executives surveyed say their organisations are continuing to increase their cyber budgets – 69% say that the budget increased in 2022 and 65% plan to spend more on cyber in 2023. Increasing budgets reflect the fact that cybersecurity tops the agenda for resilience planning. According to the survey, a catastrophic cyberattack ranks higher than global recession or another health crisis for organisations’ resilience planning.

Concerns around cybersecurity extend to the C suite. Most CEOs surveyed are planning to ramp up action cybersecurity measures in the coming year – 52% say they will drive major initiatives to improve their organisation’s cyber posture. Many CFOs surveyed are also planning to increase their cyber focus, including cyber technology solutions (39%), focus on strategy and coordination with engineering/operations (37%) and upskilling and hiring of cyber talent (36%).

It’s not hard to see why cyber continues to move up the corporate agenda. The cost of cyber breaches goes much further than direct financial costs, according to marketing-oriented execs surveyed. The range of harm organisations have experienced due to a cyber breach or data privacy incident over the past three years includes loss of customers (cited by 27%), loss of customer data (25%) and reputational or brand damage (23%)

Notes to the Editor:

Top threat actors

Top threat pathways

Ends

About the Global Digital Trust Insights Survey

The Global Digital Trust Insights Survey captures the views of senior executives on the challenges and opportunities to improve and transform cybersecurity within their organisation in the next 12-18 months. The survey includes 3,522 respondents across 65 countries. Companies with revenues greater than USD 1 bn make up 52% of those surveyed; 25% have revenues greater than US$5bn.

About the India highlights:

103 executives from India participated in our Global Digital Trust Insights survey. These belonged to both business and tech/security roles, with 40% belonging to organisations with over USD 1 billion in revenue and 32% with over USD 5 billion.

About PwC

At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 152 countries with over 327,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com.

PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.

© 2022 PwC. All rights reserved.