Cyber and privacy leaders' agenda

Cyber and privacy leaders must act now to tackle today’s most pressing security challenges.

Responding to cyber risks

In this webcast, Does cybersecurity only become a priority once you’ve been attacked?, our panelists discuss how the cyber threat landscape is changing.


Watch on-demand

How do you switch trajectory at speed when you’re under threat?

8 minute read 6 Aug 2020

Even in times of a global crisis, cybersecurity and privacy threats don’t abate. If anything, the threat level increases as cyber attackers are even more determined and resourceful.

Now more than ever, you need to get strategies and priorities right. Here's how in three steps:  

Cybersecurity budgets in flux

73% of security leaders expect their budgets to be impacted by COVID-19. Four in ten (41%) expect a reduction in funding, but about one-third (32%) expect budgets to rise.

Read more

Despite ongoing uncertainty over whether budgets will shrink or grow, EY research reveals that leaders expect to invest in the following areas:

  • Identity and access management

    The shift to remote working during the COVID-19 pandemic brought the importance of robust identity and access management (IAM) practices firmly into the spotlight. It has become an integral pillar of an organization’s security infrastructure as the business demands better access controls in a less controlled network environment with shared platforms.

    The increased use of personal devices and remote access to core business systems increases the threat landscape of businesses. However, adoption of new IAM controls and processes will mitigate the cyber risks and threats for organizations.

    What can security leaders do now, next and beyond?
    1. Now – solve the current crisis
      Perform an impact assessment of remote working, IAM processes, and secure access to critical and non-critical applications. Support contingency programs including IAM process simplification and work-arounds, and re-organize IAM operations to accelerate execution and monitoring of remote and privileged access.
    2. Next – steps for year-round
      Assess the appropriateness of remote access by critical/non-critical application, and review the revised access controls with your compliance teams. Also gain buy-in from your compliance team for simplified procedures, including access to business applications.
    3. Beyond – resiliency and risk management
      Enhance your IAM capability through improved contingency processes, awareness, reporting, technology and collaboration.
    How do you switch trajectory at speed when you’re under threat?

    There's a long list of organizational vulnerabilities for CISOs to contend with, but some practical steps can help mitigate these.

    6 Aug 2020 Kris Lovejoy

    COVID-19: How future investment in cybersecurity will be impacted

    The COVID-19 crisis is elevating the importance and value of security leaders and teams.

    23 Jul 2020 Kris Lovejoy

  • Data protection and privacy

    It is well understood that privacy needs to evolve. This is driven by technological developments as well as changes in societal attitudes and perceptions – ordinarily rooted in national and cultural factors – which are highly reactive to the perception of peripheral events. 

    Now, in the midst of the COVID-19 pandemic, we must ask ourselves … what happens next? Have consumer perceptions of privacy fundamentally changed? Have our perceptions about trustworthiness of government and business shifted? Is there an opportunity for governments and businesses to redefine approaches to collection and use of personally identifiable information (PII) moving forward?

    What to do now that the EU-US Privacy Shield Framework is invalid

    The Schrems II ruling creates new challenges for organizations’ cross-border data transfer with far-reaching consequences.

    28 Sep 2020 Tony DeBos

    How to minimize risk through data disposition

    Many organizations are struggling with the challenge of how to dispose of sensitive data but there is a methodology that works.

    15 Jan 2021 Varun Sharma

    How location tracking is raising the stakes on privacy protection

    Managing and securing personal data takes more cross-functional collaboration throughout businesses than ever before.

    18 Sep 2020 Meribeth Banaschik

  • Co-sourcing and outsourcing

    Cybersecurity is increasingly diverse and complex and is now a critical function to enterprise risk management, requiring constant proper due care. The COVID-19 pandemic has demonstrated the negative impact of rapid operational disruption. The need to temporarily redirect internal resources, to meet a surge in certain areas or obtain specialized resources, can make adding an outsourcing partner to your strategy a sound component to your business risk management efforts.

    At minimum, seeking help with critical cybersecurity operational functions, such as cyberthreat detection and response or identity and access management, might be the right decision.

    COVID-19 pandemic: How banks can increase resilience against financial crime

    A more agile, efficient and resilient approach to financial crime compliance can give banks the confidence to recover faster and stronger.

    16 Jul 2020 Dai Bedford

    COVID-19: How future investment in cybersecurity will be impacted

    The COVID-19 crisis is elevating the importance and value of security leaders and teams.

    23 Jul 2020 Kris Lovejoy

Case study: creating a smarter, safer grid for new meters

EY teams are helping a national electricity company reinforce its legacy power infrastructure for a trusted, cyber-safe future.

Read more


detail electricity meter

Privacy in the wake of COVID-19

EY and The International Association of Privacy Professionals (IAPP) launch new research on remote working, employee health monitoring and data sharing.

Get the report from

How do you reframe for growth in a volatile environment?

Decisions on transformation can no longer be delayed. To be growth-ready for the post-pandemic recovery, businesses must reset, reimagine and reinvent. Here’s how.

17 Sep 2020 Falco Weidemeyer

How the right conversations can empower finance transformation strategies

Companies need more open dialog about how to effectively implement new technology. Finding the headspace for these conversations is key.

10 Feb 2021 Christophe Kasolowsky

Transformation Realized

Transforming businesses through the power of people, technology and innovation.

Discover more

Contact us

Like what you’ve seen? Get in touch to learn more.