As featured on BusinessMirror: The path to collective cyber resilience
As organizations continue to navigate the complexities of our interconnected digital landscape, managing an ecosystem of Information Technology, Operational Technology and Internet of Things products has never been more critical. With the increasing threat landscape, evolving regulations and growing reliance on supplier networks, achieving comprehensive cyber resilience is essential for success.
Resilience in the digital age demands a holistic approach
To become truly resilient in today’s reality — where the rapid pace of change is accelerating — organizations should look at the system as a whole or, at least, the digital ecosystems in which they operate.
Modern companies are not simple, stand-alone entities but increasingly part of interconnected networks — ecosystems — that can cut across sector boundaries and provide new opportunities for innovation, efficiency and growth. In today’s hyper-connected environment, digital trust becomes critical as increased interconnections unleash significant new challenges and the need to transform resilience.
Organizations are increasingly dependent today on third, fourth and fifth parties within their supply networks. While this level of collaboration offers significant benefits, it also introduces new risks that should be managed.
Meanwhile, government institutions globally are recognizing their responsibility to ensure a collective approach to bolstering digital resilience and fostering digital trust. As the landscape evolves, so must resilience strategies if companies hope to thrive.
Lastly, citizens and consumers of digital technology have increasing expectations for the reliability and trustworthiness of the digital products and services they rely on. Meeting these changing expectations through a transparent approach to digital trust is becoming a key differentiator for organizations.
A collective, long-term strategy is essential
Driven by the need for information sharing, trust technologies such as privacy-enhancing technologies (PETs) and blockchain potentially enable and fuel collaboration between ecosystem partners. Instead of mere compliance-driven agreements between organizations, collaboration, will ultimately benefit the organizations involved.
It’s revealing and informative to consider how an ‘ecosystemic’ perspective is already making a difference for many leading companies. These global giants recognize that their production processes, efficiency, and competitiveness rely on a wide array of suppliers in diverse sectors.
In some cases, they provide a platform on which other partners can prosper or share resources that ultimately benefit the entire ecosystem, including the platform provider. In other cases, the goal is to make the entire ecosystem resilient.
A leading chipmachine maker, for example, recognizes that its high-tech manufacturing process completely relies on numerous diverse suppliers, and a costly cyberattack on any of these companies could disrupt its entire business. To make the system as a whole resilient, it has begun sharing resources meant for its own security with its partners and vice versa.
Many organizations, amid limited financial resources, skills and technology, might prefer to focus on maturing their own cybersecurity before looking at suppliers’ security. But beware — that approach represents a short-term gain in the face of a much-needed long-term approach as the threat landscape expands and grows in sophistication.
Digital trust underpins a truly cyber-resilient ecosystem
Beyond the need for a clear strategy, a governance structure and well-defined financial and legal boundaries, digital trust is one of the key components of a truly cyber-resilient ecosystem.
KPMG, together with the World Economic Forum and other collaborators, has developed a global framework for digital trust. This framework serves as a decision-making guide for organizations, enabling the development and deployment of reliable, trustworthy technology and, through it, trusted collaboration ecosystem wide. The WEF defines digital trust as public expectations that “digital technologies and services — and the organizations providing them — will protect all stakeholders’ interests and uphold societal expectations and values.”
As digital dependencies proliferate — exponentially amplifying both risks and mistrust — cybersecurity expenditures surge. This necessitates a paradigm shift to a truly modern perspective that transcends conventional approaches to safeguarding our increasingly interconnected environments. Business should focus more intently on becoming resilient through a collective approach, alongside and beyond keeping our individual organizations secure. Visionary cybersecurity leaders should set the long-term strategy with their ecosystem partners and build trust on a personal level by leveraging the potential of trust technologies. Only then will we be able to efficiently build resilient digital societies that can make a difference in a world of change.
This excerpt was taken from the KPMG Thought Leadership publication:
https://kpmg.com/xx/en/home/insights/2024/05/the-path-to-collective-cyber-resilience.html.
© 2024 R.G. Manabat & Co., a Philippine partnership and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.
For more information, you may reach out through ph-kpmgmla@kpmg.com, social media or visit www.home.kpmg/ph.
This article is for general information purposes only and should not be considered as professional advice to a specific issue or entity. The views and opinions expressed herein are those of the author and do not necessarily represent KPMG International or KPMG in the Philippines.