Cybersecurity update: A leader’s guide

Leading Off

Watch out ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌   ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌   ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌   ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌   ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌   ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌   ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌   ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌   ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ 
Leading Off

Brought to you by Alex Panas, global leader of industries, & Axel Karlsson, global leader of functional practices and growth platforms

Welcome to the latest edition of Leading Off. We hope you find our insights useful. Let us know what you think at Alex_Panas@McKinsey.com and Axel_Karlsson@McKinsey.com.

—Alex and Axel

An image linking to the web page “Boards of directors: The final cybersecurity defense for industrials” on McKinsey.com.

Cyberattacks have become so damaging—the estimated annual cost of cybercrime could reach $10.5 trillion by 2025—that some organizations have invested in extensive defensive capabilities, including, in some cases, military-grade technology and cyber talent. While these can be effective safeguards, it’s also critical to consider the role that boards of directors could play in shoring up cyber defenses, according to McKinsey experts in a new article. Besides providing oversight and guidance, board members can evaluate the potential impact on business and “make sure the security team feels the mantle of accountability to deliver on what they promised,” observe the authors. “When it comes to cybersecurity, the ultimate compliment for an organization is that nothing happens—the enterprise keeps running uninterrupted. A board of directors can lead that charge.”

An image linking to the web page “Managing the risks around generative AI” on McKinsey.com.

It’s often a challenge for companies to keep their cybersecurity protocols up to date—and generative AI (gen AI) has only made it more difficult. “Malicious use has been more headline-grabbing because of deepfakes and scams,” says McKinsey senior partner Ida Kristensen in an episode of the Inside the Strategy Room podcast. For example, in the past, most spam emails could be identified readily by their “bad grammar, bad language, and things that just didn’t quite make sense,” she says. “But now it is so much easier to create high-quality spam emails using gen AI.” While security controls and oversight can help, enhanced human awareness of risk may offer the most effective protection. “Risk management is everyone’s job,” says Kristensen. “You’ve got to make sure that you have people who say, ‘That’s a little weird. That guy never leaves me a voicemail.’”

An image linking to the web page “Cybersecurity trends: Looking over the horizon” on McKinsey.com.

Cyberattacks may not be colorful, but the language used to describe them can be. “Pig butchering” joins the lexicon of cyberthreat standards such as phishing, pharming, smurfing, and island hopping. Derived from the practice of fattening hogs before slaughter, the term pig butchering refers to swindles where the scammers gradually “fatten” victims by gaining their trust and eventually lure them into making financial investments. What precautions can businesses take against this and other types of online fraud? “Even today’s most sophisticated cybercontrols, no matter how effective, will soon be obsolete,” caution McKinsey partner Jim Boehm and colleagues, pointing to three cybersecurity trends that leaders may need to watch to understand and mitigate the disruptions of the future.

Lead by improving cybersecurity.

— Edited by Rama Ramaswami, senior editor, New York

Share these insights

Did you enjoy this newsletter? Forward it to colleagues and friends so they can subscribe too. Was this issue forwarded to you? Sign up for it and sample our 40+ other free email subscriptions here.

This email contains information about McKinsey’s research, insights, services, or events. By opening our emails or clicking on links, you agree to our use of cookies and web tracking technology. For more information on how we use and protect your information, please review our privacy policy.

You received this email because you subscribed to the Leading Off newsletter.

Manage subscriptions | Unsubscribe

Copyright © 2024 | McKinsey & Company, 3 World Trade Center, 175 Greenwich Street, New York, NY 10007


by "McKinsey Leading Off" <publishing@email.mckinsey.com> - 04:20 - 23 Sep 2024