Last year New Zealand CEOs saw the speed of technological change as the biggest threat to growth, but this year it’s cyber security: the speed of technological change does not even make the top 10.
Those were the headline findings from PricewaterhouseCoopers’ annual CEO survey, conducted as part of its global CEO survey.
Forty one percent of NZ CEO rated cyber threats as the number one threat to growth, 38 percent availability of key skills, 30 percent over regulation, 24 percent terrorism, 22 percent changing workforce demographics, and 22 percent populism. Globally cyber threats were in fourth position and, in Australia, in second position.
Mark Averill, CEO and Senior Partner at PwC New Zealand, said CEOs in New Zealand were some of the most pessimistic about the global economy, but bullish about their own prospects.
“Confidence levels here are nearly half the level they are in Australia and the USA,” he said.
“However, New Zealand CEOs aren’t as concerned about their own growth prospects, with almost 90 percent expecting to grow this year, a figure that’s ahead of our global results (although still lagging Australia’s 98 percent).”
The report said that, on average 15 percent of NZ CEOs were ‘extremely concerned’ about growth prospects versus 27 percent internationally. “Across almost every risk we saw lower levels of concern here than in the rest of the world.”
Averill said the results showed that NZ CEOs were getting up to speed on digital and technology, “but the fact cyber attacks are the top risk to growth shows how vulnerable New Zealand organisations are.”
In October 2016 PwC NZ issued a damning report on the cyber security practices of New Zealand organisations saying they had failed to evolve to keep pace with digital transformation and were lagging well behind those in other countries. NZ organisations’ attitudes to data privacy also came in for scathing criticism.
PwC found that, compared to the rest of the world, Kiwi businesses were lagging in the amount of spending directed towards cyber security, and that expenditure was directed to basic measures rather than those more likely to address the insider and partner issue, such as comprehensive identity management systems and tighter control over administrator privileges.