With rising concerns about the economy, fragile macroeconomic conditions are keeping business leaders up at night. And it makes sense: there’s a great deal of economic uncertainty facing leadership teams right now at both private and public companies.

Our latest PwC Pulse: Cautious to Confident found four out of five executives (81%) agree that a recession will occur in the next six months, noting concerns about high inflation, declining consumer purchasing power, the higher cost of capital and the Federal Reserve's aggressive tightening.

When we look at private companies, these concerns are heightened. Nine of 10 (92%) of private company respondents say they are either moderately or very concerned of an economic breakdown. The shock of a recession can hit private companies harder because they often experience changes in the economic environment earlier than their public counterparts.

Private companies are also more vulnerable to cyberattacks and the vast majority (83%) are concerned about cybersecurity. Public companies tend to have more sophisticated protections in place, making private businesses an easier target.

For private companies, taking action now has become more important than ever. Here are three steps private company leaders can take to improve their cyber posture and build organizational resilience when it matters most:

Promote cohesion across leadership and the enterprise.

Our latest Global Digital Trust Insights survey found that building resilience requires teamwork—and leaders need to work together to build a resilience program that integrates the following core competencies: crisis management, business continuity management, IT disaster recovery, physical security and emergency planning, and cyber resilience and supply chain resilience.

Invest in cyber across the organization.

The majority of executives surveyed say their organizations are increasing their cyber budget. Whether that means driving major initiatives to improve cyber posture, or spending more on upskilling and hiring cyber talent—these investments will vary by organization based on the unique threats they face, their vulnerabilities, and where they are on their cybersecurity journey.

Tie cyber risks to the organization’s business strategy.

Those overseeing their company’s strategy—whether it’s a private company board, or another leadership group—should not only think about cyber risks when dealing with an attack—but rather, proactively tie it to their business strategy. Keep an open dialogue around cyber risks so that they’re ingrained into the business strategy’s foundation. Continually assessing, understanding and making sure risks are part and parcel to the overarching business strategy is key. 

While the potential of a recession and an escalating threat landscape are causes for concern, the majority of private companies (63%) are still confident they can reach their short-term goals. While their confidence is somewhat diminished compared to their public counterparts (83%), it’s encouraging when we think about what resiliency means. But this optimism cannot lead to complacency. Private companies must bolster their cyber resilience and approach to cyberattacks not as a matter of if: but a matter of when.

Shawn Panson, U.S. Private Leader, PwC; Matt Gorham, Leader, PwC’s Cyber and Privacy Innovation Institute