Key Considerations for a Digital Future
Cybersecurity remains a paramount concern for businesses navigating in the digital landscape of 2025. CISOs are expected to expand their attention to multiple critical and strategic areas. KPMG's latest report, "Cybersecurity considerations 2025," offers insights into the challenges and strategic actions shaping the cyber area. We took a dive into the report:
The AI Security Dilemma
Artificial Intelligence continues to transform business operations, but it also presents significant security challenges. The report reveals that 78% of organisations are concerned about AI being viewed as a mysterious "black box" by many users. This lack of transparency creates potential risks and ethical concerns. Additionally, 77% of organisations expect AI to pose operational challenges that could lead to job reduction and create ethical dilemmas.
Despite these concerns, 64% of global CEOs acknowledge they will invest in AI regardless of economic conditions. This highlights the delicate balance organisations must strike between leveraging AI's benefits and managing its security risks.
Talent Gap and Workforce Challenges
The cybersecurity skills gap remains a critical issue globally. According to the report, 52% of public organisations cite a lack of resources and skills as the greatest challenge to creating effective cyber resilience programs. This skills shortage has created an attrition rate nearly 8% higher than other roles, making team consistency difficult to maintain.
Retention is another significant challenge, with 47% of security leaders reporting "major issues" keeping talented workers. Organisations must develop strategies to attract and retain skilled cybersecurity professionals, including offering flexible work arrangements, clear career paths, and opportunities for professional development.
Data Management and Governance
Data quality and management practices are crucial for effective AI implementation. The report indicates that only 24% of organisations are focusing on establishing a data-centric culture and ensuring data interoperability.
This short-sighted approach undermines the ability to effectively use and understand data across all levels of the organisation. Businesses must prioritize strong information governance practices, including clear policies for data collection, storage, and management, as well as robust data validation and cleansing processes.
Rising Costs of Cybercrime
The financial impact of cybercrime continues to escalate globally. The global average cost of a data breach reached nearly €5 million, representing a 10% increase from between 2023 and 2024 and still rising. This alarming trend underscores the importance of comprehensive cyber resilience strategies for organisations worldwide.
Smart Devices and IoT Security
The proliferation of smart devices and IoT products has transformed how we interact with technology but has also introduced new vulnerabilities. The report highlights that 72% of organisations are embracing secure-by-design principles to address these challenges.
Businesses must implement security frameworks that cover the entire lifecycle of smart devices, from secure design to decommissioning.
What Should Businesses Do?
-
Develop clear AI governance frameworks that prioritise transparency and accountability
-
Invest in continuous training programs to address the cybersecurity skills gap
-
Establish robust data management practices to support AI initiatives
-
Implement comprehensive security frameworks for smart devices and IoT
-
Create incident response plans that account for emerging threats like deepfakes
-
Regularly review and update cybersecurity strategies to stay ahead of evolving threats
→Download the full KPMG Cybersecurity Considerations 2025 report here.
→ Interested in how Wirtek help companies on cyber security? Click!
