KPMG Cyber
trust insights
2022
Building trust through cybersecurity
and privacy
KPMG International kpmg/cybertrust Building a community The evolution of the
OverviewDigital evolution Trends in digital trust Mission achievable Methodology
of trust CISO
Contents
03 05 09
Overview Digital evolutionTrends in digital trust
Five crucial steps to building trustThe business case for investing in trust Understanding the drivers of trust
through cybersecurity and privacy
14 18 23
Building a community of trustThe evolution of the CISO Mission achievable
The power of collaboration and The contribution of the CISO to How organizations can drive trust
partnershipbuilding trust via the CISO
(c) 2022 Copyright owned by one or more of the KPMG International entities. KPMG International entities provide no services to clients. All rights reserved. KPMG Cyber trust insights 2022 2 Building a community The evolution of the
Overview Digital evolution Trends in digital trust Mission achievableMethodology
of trust CISO
Overview
Five crucial steps to building trust through cybersecurity and privacy
To today’s businesses, trust is everything. In an uncertain, constantly shifting
environment, customers, employees and investors look for organizations they can
depend on. But building and protecting that sense of trust requires every part of
the organization to work together to deliver a consistent, unified vision.
Now that we live in a digitized world, every part of the business depends on
fairness, integrity and transparency in the way information is collected and
processed. Systems should be resilient, dependable and able to respond quickly
in the face of disruption. Whether you are a customer or client who wants to feel
safe when transacting with the organization, or part of the broader ecosystem of
partners, investors, regulators and society which surrounds every organization —
digital trust matters.
Cybersecurity and privacy have a key role to play in building and maintaining that
trust. Businesses are ramping up data collection, expanding the use of artificial
intelligence (AI) and machine learning (ML) technologies and embracing the
environmental, social and governance (ESG) agenda, all while facing increasingly
exacting regulatory standards.
In the KPMG Cyber trust insights 2022, we surveyed 1,881 executives and
conducted a series of discussions with corporate leaders and professionals
from across the world to explore the extent to which the C-suite recognizes
this, how they are meeting the challenge, and what they need to do next. We
also explore the key role that chief information security officers (CISOs) can
play in helping them do so. We identify five crucial steps towards building trust
through cybersecurity: treat cyber and privacy as a golden thread woven
into the business; build internal alliances; reimagine the CISO role; secure
leadership support; and reach out to the ecosystem.
(c) 2022 Copyright owned by one or more of the KPMG International entities. KPMG International entities provide no services to clients. All rights reserved. KPMG Cyber trust insights 2022 3 Building a community The evolution of the
Overview Digital evolution Trends in digital trust Mission achievableMethodology
of trust CISO
Data deluge Challenges of Value and trust
Businesses are mining dataAI and MLTrust matters more than
at scale. Raising concernsThere are growing societalever — and is not just about
over how data is protected,and business concerns overreputation. Boosting trust
used and shared. the ethics, security and creates competitive advantage
privacy implications of and adds to the bottom line.
Key A majority of respondentsadopting AI and ML solutions
have engaged in more for big data analysis.
extensive collection or More than 1/3
analysis of customer data agree that AI andof organizations recognize
over the past year.78%ML bring unique that increased trust leads to
findingscybersecurity improved profitability.
Investment in data-driven challenges.
activities is increasing in report that information
priority for organizations.say AI and ML Butsecurity requirements
3 in 4 raise fundamental are shaped by
ethics questions.65%compliance needs
rather than long-term
strategic ambitions.
Rising regulation Trusted communities Evolving CISO Trusted purpose
Regulators are paying greater External partnerships are Do organizations recognizeHave businesses recognized
attention to these issues, and expected to also be vital to the role the CISO can play in the connection between
many organizations are success in hyperconnected helping them embed andigital trust and their
concerned about navigatingecosystems, but practical organization-wide approach to environmental, social and
an increasingly complex barriers stand in the way of digital trust?governance (ESG) agenda?
global regulatory landscape. collaboration.
of executives doubt
worry about their say constructive 1/2 that the relationshipLess than 1 in 5
36%ability to meet 79%collaboration withbetween the board
existing or new suppliers and clients and the CISO is characterized say the CISO team is an
cybersecurity regulation when is vital, but onlyby ‘high trust.’ integral part of the ESG team.
activities are outsourced to42% report doing so.
digital service providers. say the CISO is not report that the
admit their supply1/3 viewed as a key50%CISO team plays a
worry about60%chains are leavingexecutive and has lessvery limited role
34%corporate-reportingthem vulnerable influence than they or no role in ESG.
disclosures relatedto attack. need to protect the
to cybersecurity. organization and its data.
Source: KPMG Cyber trust insights 2022
(c) 2022 Copyright owned by one or more of the KPMG International entities. KPMG International entities provide no services to clients. All rights reserved. KPMG Cyber trust insights 2022 4 Building a communityThe evolution of the
Overview Digital evolution Trends in digital trust Mission achievable Methodology
of trust CISO
1
Digital evolution
The business case for investing
in trust
(c) 2022 Copyright owned by one or more of the KPMG International entities. KPMG International entities provide no services to clients. All rights reserved.KPMG Cyber trust insights 20225