In our Forecast 2021 podcast series, we’re focused on preparing you for the year ahead by offering insights to help you better understand and manage some of the opportunities and challenges that your company might face—think policy, technology, and other big picture topics.Cyber risk is a top priority for businesses; and, considering every business can be vulnerable, targeted, and attacked, businesses are changing their cyber strategy and investing more. But, are those investments in the right areas? This week host Heather Horn sat down with Joseph Nocera, leader of PwC's Cyber & Privacy Innovation Institute, and Harshul Joshi, a PwC cybersecurity, privacy, and forensics principal, to understand cybersecurity risks and the leading practices for limiting exposure and recovering quickly.Topics include:0:59 - The hallmarks of good cybersecurity. Even the best can be breached, so what’s a company to do? We begin with the fundamentals of baking cybersecurity into every business decision and allocating cyber spend to technologies, processes, and developing talent.7:41 - The 5 levers of security. We discuss leading practices for developing a risk management strategy: identification, prevention, detection, response, and recovery.13:12 - Types of cyber attacks. Cyber attacks come in two flavors:13:51 - External cyber attacks19:21 - Internal cyber attacks22:36 - Addressing the gaps. In addition to information technology considerations, attention also needs to be given to operational technology (OT). We discuss what that means and the cyber risk challenges in OT environments.37:38 - Detection and response. You’ve had an attack, now what? We talk about early warning signals and key considerations post-breach.40:09 - What’s next in cybersecurity. We close with thoughts on the increasing role privacy plays in cybersecurity and the rise of quantum computing.Want to learn more? Read PwC's 2021 Global Digital Trust Insights and PwC’s Digital Trust Insights Pulse Survey.Joseph Nocera is the leader of PwC's Cyber & Privacy Innovation Institute. Joe’s experiences range from IT auditing to large scale systems implementation. He has extensive experience helping organizations meet regulatory demands and build information security departments, information risk management functions, and effective IT governance functions.Harshul Joshi is a PwC cybersecurity, privacy, and forensics principal with more than 17 years of experience in the fields of regulatory compliance, cyber security, governance, risk, internal audit, and privacy. Harshul has a successful track record of working with various C-suite executives, regulatory bodies, and functional stakeholders to implement effective security programs.Heather Horn is PwC’s National Office thought leader, responsible for developing our communications strategy and conveying firm positions on accounting and financial reporting matters. Transcripts available upon request for individuals who may need a disability-related accommodation. Please send requests to us_podcast@pwc.com.