HomeTechnologyIT security remains neglected...

IT security remains neglected by business leaders

Cyber ​​security objectives should be seen as an integral part of any organization’s business objectives (photo: CC0 Public Domain)

Only 39% of organizations’ IT security officers believe that their company’s leadership understands the role of cyber defense as a key driver of business value. Over a third of CISOs (36%) believe that their bosses view security as important only in relation to regulatory compliance. 17% say it is not seen as a business priority at all.

These are some of the findings of a study by Delinea, a provider of PAM solutions, based on a global study revealing the effect of the disconnection between cyber-security activities and the overall business. Over 2,000 IT Security Decision Makers (ITSDM) were surveyed for the analysis.

A mismatch between business and cybersecurity goals appears to result in at least one negative consequence for 89% of organizations. More than a quarter of surveyed CISOs (26%) also reported that top management neglect has led to an increased number of successful cyber attacks within their company.

Negative consequences

The effect of divergence is far-reaching. It has contributed to investment delays (35%), strategic decision-making delays (34%) and unnecessary cost increases (27%).

There are also consequences for the people themselves. 31% of IT Security Officers surveyed reported that the discrepancy affected their entire teams in terms of stress. Global economic uncertainty is exacerbating the situation. Half of respondents (48%) say that as a result it is becoming increasingly difficult to achieve synchronization between cyber security and overall business goals.

If there is anything encouraging in the findings, it is that the majority of cyber defense teams (62%) meet regularly with their business counterparts at the highest level. Additionally, 54% of companies report that IT security team members are “embedded” in business functions.

Lack of understanding

However, the survey shows that there is room for improvement, as less than half of organizations (48%) document policies and procedures to facilitate alignment between business and cyber security objectives. A third of respondents (33%) reported that alignment occurs on an “ad-hoc” basis.

The analysis also highlights that the metrics used to measure and demonstrate the value of cybersecurity are still closely tied to technical metrics. For example, the number of attacks prevented (31%) was cited as the most important measure of success. This is followed by data on achieving regulatory compliance goals (29%) and reducing the cost of security incidents (29%).

“Cyber ​​security can be a huge factor for business. But the research suggests there is more work to be done at board level when it comes to changing attitudes. Executives need to think about IT security not just in terms of ticking a box for regulatory compliance or protecting the company, but also in terms of the value they get at a more strategic level,” said Joseph Carson, Chief Security Scientist and Chief Information Security Officer (CISO) at Delinea.

Valuable skills

Building the business skillset of security managers can improve the picture. However, respondents cited technical skills as the most valuable cybersecurity leaders should possess. They are rated higher than other skills such as communication, collaboration, insight and people management skills.

Almost a third (31%) believe that presenting business cases to the board of directors and senior managers is a significant gap in their skill set. When it comes to communication skills, 30% of respondents identified them as an “area for improvement”.

Need to level up

“Aligning the importance of IT security with other business objectives is essential to the success of any organization. The research clearly highlights the negative consequences when the goals of different teams are not fully synchronized,” adds Carson. Everyone in an organization must have a clear understanding of all important business functions and the value of cyber defense must be clear to them as an integral part of business objectives.

At the heart of the problem is communication. Strong technical skills are still important, but security leaders need the ability to communicate and persuade, influence and represent the value their work brings to business outcomes.

- A word from our sponsors -

Most Popular

LEAVE A REPLY

Please enter your comment!
Please enter your name here

More from Author

Quantum Leap in Window Technology Delivers Dramatic Energy Savings

Researchers at the University of Notre Dame have developed a new...

Hidden Currents Driving Antarctica’s Rapid Melt

New research highlights how interactions between ocean currents and the ocean...

“Extraordinary Potential” – The New Dawn of Low-Cost, High-Efficiency Solar Cells

Researchers at Soochow University have highlighted the potential for significant advancements...

- A word from our sponsors -

Read Now

A Super Cosmic Ray Accelerator – Chinese Astronomers Discover Giant Ultra-High-Energy Gamma-Ray Bubble

LHAASO has identified a super cosmic ray accelerator in a gamma-ray bubble in the Cygnus region, marking a significant advancement in understanding cosmic rays with energies exceeding 10 PeV and their origins within the Milky Way. Rendering of a giant ultra-high-energy gamma-ray bubble structure. Credit: China Media...

Quantum Leap in Window Technology Delivers Dramatic Energy Savings

Researchers at the University of Notre Dame have developed a new window coating to block heat-generating ultraviolet and infrared light and allow for visible light, regardless of the sun’s angle. Credit: University of Notre DameA new window coating reduces indoor temperatures and energy costs by selectively blocking...

Hidden Currents Driving Antarctica’s Rapid Melt

New research highlights how interactions between ocean currents and the ocean floor, rather than just wind, are crucial in driving the rapid melting of Antarctic ice shelves, posing a threat to global sea levels. Dotson Ice Shelf, Amundsen Sea, Antarctica. Credit: Taewook ParkMeandering ocean currents play an...