Mark Skilton, a Professor of Practice at Warwick Business School and an expert on cyber security, has commented on the uptake by PwC. Professor Skilton said “the area of risk and cyber threats is particularly attractive to consultancies at the moment with three major trends requiring advisory support and solutions.
Click to read a report: PwC’s Global Economic Crime Survey 2016 (Malaysia report)
“Firstly, the rapid increase in cyber-attacks and the need for the board and organisations to invest better in protection and management systems.
“Secondly there is an increasing demand for innovation and agile solutions from companies seeing new ways to compete in the market. Digital disruption is changing customer experience: customers are increasingly 24/7 and always online with mobile devices and mobile apps connected.
“This is changing how and what companies need to have in place to deliver their products and services either directly or indirectly online and off line. Companies may not fully understand the changing risks and issues this new technology and the customer behaviour involved in using these tech solutions will have on their business bottom line as well as how the risks and threats change.
“Thirdly, this is driving the rise of what Gartner call, ‘bimodal IT’ where there is an increasing use of agile innovative prototyping and flexible customer and operating model solutions, but, at the same time, there remains the existing legacy systems and IT portfolio management that needs to be kept stable and managed.
“This creates a paradox in the need to change the IT while at the same time retaining a sense of control and robust delivery. This is further changing the risk profile of organisations and the need to navigate through enabling both worlds.
“Consultancies have always operated in the risk advisory space, but this is likely to evolve into becoming an integrated offering across all consulting services rather than an add-on called ‘digital trust’ or something the actuaries and so called risk partners offer as a due diligences oversight service.
“The more enlightened consulting offerings will need to work end-to-end and integrate with trust and cyber risk to deliver the Enterprise Risk Management (ERM) and the Security Information & Event Management (SIEM) services that are truly 21st century and fit for purpose.”