Key takeaways

  • With the pressure from 2020 still fresh, 79% of Australian CEOs plan to increase digital investment over the next three years.
  • 78% of leaders are stepping up investment in cybersecurity in response to increasing threat activity.
  • Over the last year, concern over misinformation has risen from 43% of Australian CEOs up to 67%.

A growing number of Australia’s CEOs fear cyber threats and changing consumer behaviour could affect business growth in 2021, according to PwC’s 24th CEO Survey. However, having adapted to massive disruption during the COVID-19 pandemic, the majority are less concerned about the speed of technology change and are prioritising digital transformation over the next three years.

Our CEO Survey found 70 percent of Australia’s chief executives are concerned that consumer behaviour changes could undermine business growth (up from 64 percent last year). This suggests more work needs to be done to understand current consumer dynamics, including through the co-design of products and services, to turn this into an opportunity.

While the pandemic has forced more businesses to rapidly digitise their offerings, they were often catering to static audiences. With consumer habits now altered, there’s a window of opportunity for businesses to empower consumers through personalisation, so that they actively choose to continue transacting digitally and don’t ‘jump ship’ to a competitor. With increased digitisation, the cost of change decreases. Businesses will need to differentiate through a laser focus on customer experience.

Demonstrating return on investment

There’s little doubt that Australia’s CEOs are recalibrating their technology plans in 2021. The majority (79 percent) of the nation’s business leaders are increasing investment in digital transformation over the next three years. This is in response to many factors including the pandemic, government incentives and real signs of economic recovery. While the speed to technology change continues unabated, fewer local CEOs are worried about it (62 percent, down from 73 percent last year). It would appear that 2020 forced CEOs out of their comfort zones, with most companies accelerating digitisation programs, and CEOs have grown in confidence accordingly.

CEO Survey exhibit 1

 

As digital investment ramps up, CEOs, boards and shareholders will naturally expect quantifiable results. This expectation (coupled with the sheer scale of recent changes) suggests that businesses will benefit from breaking transformation into tangible steps, with each step delivering value. This will help maintain momentum, retain stakeholder confidence, and achieve incremental returns on investment.

Clearly then, the ability to pinpoint projects and track the progress of investments will be all-important. However, not all Australian businesses will have the capability to do so. Just 26 percent of local CEOs are significantly increasing their focus on digitising risk management functions this year (compared with 47 percent of global CEOs). For many, a strategic rethink on this may be required.

Creating a secure digital future

One area of risk that is most certainly commanding CEOs’ attention is that of cybersecurity. The overwhelming majority of Australia’s CEOs (95 percent) identify cyber hazards as a key threat to organisational growth. Some 78 percent are stepping up long-term investments into cybersecurity and privacy, in line with Europe’s General Data Protection Regulation (GDPR), and the same number are factoring cyber threats into their strategic risk management activities.

These numbers are understandable given the increase in cyber attacks in Australia over the past year or so. Many of which brought entire organisations to a standstill. With an increase in high-impact cyber attacks, like ransomware, changes in director liability, governance expectations and regulatory reform are also prompting directors to seek more assurances over cybersecurity (particularly in areas of critical infrastructure, the subject of specific reform in 2021). This may explain why about a quarter (27 percent) of Australia’s CEOs say their organisation needs to do more to measure cybersecurity and data privacy, while one in five (22 percent) think they should be doing more to report on it.

When it comes to measurement and reporting, one key step is being able to articulate cyber risk in a way that is meaningful to executives, directors and investors. It’s more important than ever to be able to interpret data, quantify cyber risk and explain how this relates back to specific business outcomes.

When asked about the factors impacting their cybersecurity strategy, an overwhelming majority of Australia’s CEOs again cited the increasing complexity of cyber threats (92 percent). This was followed by cybersecurity and data privacy regulations, such as GDPR (60 percent) and vulnerabilities in supply chain and of business partners (44 percent).

CEO Survey exhibit 2

Fears rise over misinformation

The past year has seen a steep rise in the number of CEOs who are concerned that misinformation could threaten growth 67 percent of Australia’s CEOs cited this (up from 43 percent last year), and 70 percent of global CEOs agreed (up from 50 percent last year).

This illustrates that new and different cyber risks are emerging all the time. The Australian Cyber Security Strategy 2020 outlined how the government is investing $1.67 billion over 10 years to strengthen the nation’s cyber resilience. Now, and in the future, corporate CEOs will need to show similar resolve. Businesses cannot protect themselves by simply doing what they have always done.

Digital transformation efforts have accelerated as organisations adapt to a ‘COVID-normal’ world. The unpredictability of current events has highlighted vulnerability and the need for a focus on cyber and organisational resilience. Despite an increase in CEOs considering cybersecurity in their business decisions, organisations still have much to do; including a greater investment in their people to ensure they have the skills they need. 

Steps towards positive change

To combat the concerns CEOs have around technology, here are four ways businesses can actively combat threats and embrace new opportunities:

1. Ensure you are prepared for the worst. It is critical to have adequate technical protections and cyber incident response plans in place

2. Align cyber investment to overall enterprise or business unit budgets in a strategic, risk and data-driven way

3. Educate and empower employees to be diligent about their activities online. It is important that: 

  • Employees in a technology role have more than a baseline level of cybersecurity knowledge
  • Organisations invest in human-centric designed security processes and work environments to reduce decisions or behaviours placing businesses at cyber risk 
  • Increase director level understanding of cyber risk and ransomware attacks

4. Consumer trust and loyalty can hinge on a seamless and secure digital experience — invest in new innovative technologies that provide increased cybersecurity, while not impacting the way consumers interact with their products and services.


This article presents the digital findings of the 24th Annual Global CEO Survey. Download the global or Australian reports in their entirety for the full range of issues CEOs consider critical to today’s businesses.

 

Contributor

Nicola Nicol

Nicola is a partner in PwC Australia’s cyber security practice.

More About Nicola Nicol

Contributor

Mike Cerny

Mike is a partner in PwC Australia’s Consulting business and leads the Australian Cybersecurity practice.

More About Mike Cerny
Cameron Whittfield

Contributor

Cameron Whittfield

Cameron is the head of Digital and Technology Law at PwC Australia.

More About Cameron Whittfield

Contributor

Diane Rutter

Diane is a partner and the Consulting Diversity & Inclusion Lead and Customer Experience Lead at PwC Australia

More About Diane Rutter