Who’s managing your identity?The cyber risks of our digital business world

Our current identity management practices aren’t going to cut it in this new world, especially as the number of cyber incidents creeps up every year. We continue to build increasingly integrated digital business models and, like any complex structure, our digital ecosystem is only as strong as its weakest link.

That’s the finding from our latest Global State of Information Security Survey, launching today. From our research, we’re seeing investments in identity management and cyber security grow, especially as the number of attacks increases. However, here in New Zealand we’re still underinvesting in identity management.

Overseas, companies are already seeing the challenges of poorly aligned security – with mobile the most common source of cyber incidents. Locally, we’re not seeing that level of activity yet, but as more businesses move to mobile, it’s only a matter of time before we catch up.

New Zealand’s a high-trust society. While that certainly helps us maintain an open economy, it’s also putting our companies at a disadvantage in the world of cyber security. Our digital society is increasingly globalised and local identity management efforts are being measured against international standards like the EU’s General Data Protection Regulation (GDPR). For New Zealand to succeed as a connected economy, local businesses must understand the changing global cyber security landscape and reduce their exposure if they want to stay relevant.

We’re seeing too many organisations putting money into cyber but that can’t identify the core risks they are facing and the assets that need protecting. There’s a lot of focus on the infrastructure involved, but much less on the strategy that sits behind it. Without this, we can’t deliver on the opportunity that cyber security presents.

Ultimately, we have to transform cyber security by being laser focused on the risks involved. Companies that stay competitive in our digital landscape aren’t just blindly trusting that their business and customer data will stay secure. It’s no exaggeration to say that building and maintaining trust is going to be the greatest differentiator for New Zealand businesses in our digital society. Now’s the time to start taking that seriously.

Steve McCabePwC Partner

All of our lives have become enmeshed in the digital ecosystem that makes up our modern society. As our society has gone digital, the nature of cyber security has changed. It’s no surprise New Zealand businesses are now running into the cyber risks of new business models.

Putting identity to work

Adrian van HestPwC Partner

Is your organisation’s cyber spending aligned with revenue?

Global Australia NewZealand

Yes No Do not know

49.2%

31.1%

19.7%

72.2%

11.0%

16.7%

65.7%

16.8%

17.5%

What is the number of security incidents detected in the past 12 months? (New Zealand)

0.0%

10.0%

20.0%

30.0%

40.0%

50.0%

60.0%

2016 2017

Fewerthan 10

10 to 49

50 to 499

500 to4,999

5,000 or more

Do notknow

Does your organisation have cyber insurance? (New Zealand)

Yes No Do not know Yes No Do not know

58.3%

28.3%

13.3%

Where did the cyber incident originate?

0.0%

10.0%

20.0%

30.0%

40.0%

50.0%

NZ Global Australia

Unkno

wn hac

ker

Former

emplo

yees

Curren

t emplo

yees

Curren

t serv

ice

provid

ers

Suppli

ers/bu

sines

s

partn

ers

Do not

know

What are the most common causes of security incidents?

Traditional software vulnerabilities (e.g. out-of-date software)

NZAustraliaGlobal

Mobile device (e.g., smartphone, tablet computer) exploited

1st11th9th

1st 1st6th