• 1000

As TMT companies continue to innovate and expand, they are increasingly exposed to cyber threats and complex global regulatory requirements. Addressing these expanded cyber risks and complying with an ever-increasing spectrum of regulations is becoming a pressing challenge.

With the deeper integration of data and technology, cybersecurity and data privacy are increasingly being embedded within the core business functions. While Chief Information Security Officers (CISOs) play a vital role, the entire leadership team needs to embrace cyber and data privacy as a top priority. The focus should not be solely on responding to threats, but on proactively ensuring cybersecurity and data privacy are embedded across the organization.

To juggle the swift pace of technological innovation and transformation, TMT organizations are increasingly relying on partnerships. However, ensuring a trusted and secure supply chain across these evolving partnerships presents unique challenges.

Moreover, managing rapidly evolving digital identities within a hyperconnected environment and navigating the need for humans and machines to coexist has become a major consideration.

This article explores cybersecurity considerations for the TMT sector. It provides an overview of the rapidly evolving cybersecurity landscape, the evolving role of CISOs, the need for operational resilience and the incorporation of security within core functions.

Consideration 1: Embed cyber and privacy for good

Digital has transformed business processes, leading TMT organizations to transition from centralized cybersecurity operating models to deeply embedding cyber across all functions. As businesses continue to adopt technologies beyond cloud-based services, new security risks are emerging that require effective resource deployment and the application of AI. Cultivating a sustainable security culture that prioritizes continuous threat monitoring, clear communication, trust-building and balancing technical and soft skills is vital. 

Amid the rapid evolution of business models and compliance complexities, TMT organizations remain a dynamic target for cyber threats. Embracing the “secure by design” principle across all business functions helps integrate security smoothly across the operational spectrum. 

Consideration 2: Modernize supply chain security

As organizations in the TMT sector face an increasingly complex and interdependent supply chain ecosystem, they are more exposed to new cyber threats. In response, businesses are urged to establish strategic supplier partnerships focused on continuously monitoring and managing the evolving risk profiles of these entities to enhance operational resilience. The rapid pace of technological advancement and the deployment of AI augments and complicates this landscape, presenting new opportunities and potential risks. Global standards and regulatory bodies are stepping in to ensure the supply chain ecosystem is adequately focused from a cyber risk perspective and that proper security controls are deployed.

With increased instances of supply chain disruptions, TMT enterprises investing in comprehensive risk management need a clear, continuous view of an ever-expanding third-party ecosystem. With today’s complex global dynamics, evolving toward a cybersecurity posture encompassing businesses and the vendor ecosystem is crucial.

Consideration 3: Make identity individual, not institutional

Digital identity has emerged as a key factor for efficient digital interactions in the connected world. With smart devices tethered to organizations’ digital backbone, managing their identities is imperative. Customer digital identity is another increasing area of focus, with consumers accessing digital platforms daily. This has made a reliable and trusted federated identity model particularly important.

In this environment, the security challenges of establishing digital identity are growing with the rise of deepfake technologies. Cybercriminals are using this tactic to target corporations, institutions and sovereigns, many of which are unprepared to defend against this threat. 

As TMT organizations take the lead in implementing emerging technologies, they must also be aware of the accompanying risks, including the potential for misuse. A reimagined approach to identity and access management, encompassing employees, ecosystem providers, connected devices and consumers, is a strong move toward ensuring and upholding a resilient security posture.

How this connects to what we do

In addition to assessing your cybersecurity program and ensuring it aligns with your business priorities, KPMG professionals can help TMT organizations develop advanced digital solutions, advise on the implementation and monitoring of ongoing risks and help design the appropriate response to cyber incidents.

KPMG professionals are adept at applying cutting-edge thinking to clients’ most pressing cybersecurity needs and developing custom strategies that are fit for purpose. With technology that is secure and trusted, KPMG professionals offer a broad array of solutions including cyber cloud assessments, privacy automation, third-party security optimization, AI security, and managed detection and response.

This excerpt was taken from the KPMG Thought Leadership publication: 

https://kpmg.com/xx/en/home/insights/2024/05/cybersecurity-considerations-2024-technology-media-and-telecommunications.html.

© 2024 R.G. Manabat & Co., a Philippine partnership and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more information, you may reach out through ph-kpmgmla@kpmg.com, social media or visit www.home.kpmg/ph.

This article is for general information purposes only and should not be considered as professional advice to a specific issue or entity. The views and opinions expressed herein are those of the author and do not necessarily represent KPMG International or KPMG in the Philippines.