Cyber Security is a Key Part of the Corporate ESG Agenda

Cyber security is a pressing issue for companies in every business sector. Consumers and customers alike are increasingly concerned over their privacy online, a matter that boards of directors now take seriously. The so-called environmental, social and governance agenda (ESG) has also taken an interest in cyber security, creating new opportunities that should be discovered.

There’s no way for an organization to be concerned solely with their cyber security challenges alone. The Web and cyberspace are closely interconnected and interdependent, making security threats a shared problem. That’s why being a good cyber citizen is of paramount importance. Digital citizenship and cyber hygiene are now widely discussed concepts, as is social responsibility in cyberspace. All of these security concepts seek to address the protection of sensitive information, prevent global terrorism, ensure public safety, and safeguard sensitive data.

It would be a mistake to think of cyber security as merely a technology issue. Instead, it’s a global issue for companies and their stakeholders. Security breaches and the potential for identity theft have created a global prevention movement that goes beyond the concerns of individual businesses. Indeed, good cyber hygiene and building a safe and secure network should be a priority for every organization that shares a concern for the common good.

Our age demands an expanded definition of corporate social responsibility. Today, cyber security measures must protect consumers and organizations in order to build a healthier, safer society at large.

Customers and clients should trust that organizations take their individual privacy rights seriously and should feel confident that their personal data won’t be shared without their knowledge. Data breaches are not only embarrassing to companies, but also injurious to those whose data has been exploited or breached. Effective cyber security solutions shield personal data from harm and protect the privacy rights of users.

For this reason, organizations that want to be good cyber citizens should prioritize their commitment to customer privacy. Not only is this good behavior, but it will also build trust with clients and customers. Cyber security threats like ransomware aren’t just a problem for the business targeted. These incidents also directly  affect customers, partners, and the larger digital world.

Crimes committed through cyberspace are growing. Given that we are dependent on an effectively functioning digital landscape in our hyper-connected society, organizations should realize that cyber security solutions will play a vital role in protecting our infrastructure from harm and allowing our societies to function. Recent examples of cyber attacks during war time only emphasize the need for a truly global solution to cybercrime.

Governments around the world have introduced cyber security regulations to make sure that companies prioritize privacy and security concerns.  In addition to the European Union’s General Data Protection Regulation (GDPR), other advanced nations are also drafting regulations to mandate cyber incident notification and transparency in cyber security measures. At the same time, investors, clients, and shareholders also want to know their data is being protected.

Security today is a social imperative, one that the business world can facilitate by creating a sound digital ecosystem trusted by stakeholders. 

A committed community of actors can improve cyber security standards across the business world. Strong organizations are built through collaboration with like-minded peers and the sharing of information.

Cybercrime is not simply a local problem. It affects all companies in all sectors, as well as the supply chain. However, if organizations team up with their customers, suppliers and regulators, the joint effort can improve cyber security across the entire digital ecosystem. Today, it’s a truism that no organization is an island in cyberspace.

In this landscape, the role of corporations is evolving. Corporate social responsibility means that organizations must take an active part in protecting client data, and shield the population at large from cyber scams, exploitation and bullying.

KPMG is part of this effort. Every year we sponsor a Global Cyber Day, a program that aims to educate young people about cyber risks. Through this effort, last year our member firms educated more than 100,000 students at 590 schools in 60 countries to be good cyber citizens and protect themselves against online threats. 

Here are a few immediate steps we can take to create a wider movement:

• Share with your peers: If your organization encounters a cyber threat, share that information with other companies in your sector. And don’t be afraid to lead. We all want better cyber security solutions, so share willingly and openly. In this issue, trust among peers benefits everyone.
• Focus on ecosystem security: Help suppliers create better cyber security capabilities. This isn’t just about contractual obligations. By helping to strengthen the entire digital ecosystem, you will be playing an active role in cyber citizenship education and supporting community cyber goals. 
• Protect your customers’ interests: What can your organization do to educate customers on cyber security threats and help them understand how their data is used? For instance, do your customers know enough about cyber fraud and identity theft? Can you show customers that you take the issue seriously by illustrating cooperative work with law enforcement and other authorities to counter cyber crime?
• Invest in the next generation: Wouldn’t it be great if young people had the technical  skills to protect themselves online? Organizations can help in that effort by providing training in cyber skills and promoting the idea of being good digital citizens. In addition to reputational benefits, this step actively helps young people build skills for the future.
• Play your part in digital society: Begin by asking if your organization is committed to society’s greater cyber security needs. Then act like a good cyber citizen by participating in the debates over ethics in our digital ecosystem.

With the help of the greater digital community, and by partnering with peers, we can all do our part in tackling cyber crime. While we are still in the early stages of this challenge, I believe that every organization will benefit by being a good cyber citizen and placing cyber security solutions at the center of their ESG agenda.

This article is based on an article published at KPMG global by Akhilesh Tuteja, Leadership | Article posted date 26, May, 2022