Monday , December 23 2024
Home / Media OutReach / New Report: Top Three Ways to Drive Boardroom Engagement around Cybersecurity Strategy

New Report: Top Three Ways to Drive Boardroom Engagement around Cybersecurity Strategy

ESG study reveals prevailing problem of under-prioritized security technology

HONG KONG SAR – Media OutReach – 29 January 2021 –
(
;), the leader in cloud security, shared results from a sponsored study conducted by the Enterprise
Strategy Group (ESG)[1]
that reveals systemic challenges with security integration into business
processes. The report includes the top ways to drive engagement and
agreement around cybersecurity strategies within an organization.


 


Read
a full copy of the report, Cybersecurity in the C-suite and Boardroom (
https://resources.trendmicro.com/rs/945-CXD-062/images/ESG-eBook-TrendMicro-Cyber-C-Suite-Boardroom-Dec2020.pdf), or watch this webinar to
learn more (https://resources.trendmicro.com/WBN-ESG-Cybersecurity-Boardroom.html?linkId=109490866).


 


The study found that only 23% of organizations prioritize the alignment of security
with key business initiatives. Here are three key recommendations to remedy
this core challenge:


 


  1. Add a Business Information Security Officer (BISO) to improve business-security
    alignment.
  2. Build a top-down, measurable program to help CISOs better
    communicate with their boards.
  3. Change reporting structures so CISOs report direct to their CEO.






 


The study also found that when board members are more educated and engaged in the
cybersecurity function, they ask tougher questions, dig deeper into issues, and
are more likely to make the leap from technical to business issues.


 


The
vast majority (82%) of survey respondents claimed that cyber risk has increased
in the past two years, thanks primarily to a rise in threats, an expanding
corporate attack surface and the fact that business processes are more
dependent than ever on technology.


 


Yet
despite the rapid adoption of digital transformation processes in the past
year, security is still viewed as primarily (41%) or entirely (21%) a
technology area.


 


The lack of cybersecurity prioritization is
particularly true in the boardroom. Although 85% of respondents claimed that
the board of directors are more engaged in security decisions and strategy than
two years ago, often those executives are passively drawn in because of a major
breach, new compliance requirements or the creation of a security program by a
CISO.


 


In
fact, 44% of respondents indicated that their board of directors have limited
involvement in many critical cybersecurity operations. This lack of engagement
means many boards are only prepared to fund the bare minimum to meet
requirements for compliance and protection.


 


“Striving for ‘good enough’ security is
frankly not good enough given today’s cyber risk landscape. This report mirrors
many of my conversations with CISOs highlighting that lack of boardroom
engagement can lead to poor cyber hygiene, and security that is not properly
integrated into business processes,” said Ed Cabrera, chief cybersecurity
officer for Trend Micro. “We can only create a culture of cybersecurity if CEOs
and corporate directors lead by example. This encourages every employee to believe
they have a role in protecting the organization.”




[1] The study was
compiled from a web-based survey of 365 senior business, cybersecurity, and IT
professionals in North America (US and Canada) and Western Europe (UK, France,
and Germany) working at midmarket (500-999 employees) and enterprise-class
(1,000+ employees) organizations.


Source link

About admin

Check Also

Fushi Technology to Launch AI Agent Industry Vertical Applications, Accelerating Southeast Asia Market Expansion

HONG KONG SAR – Media OutReach Newswire – 22 December 2024 – On December 20th, …

Leave a Reply

Your email address will not be published.