\n<\/p>\n
HONG KONG SAR –\u00a0<\/span>Media
To read a full copy of the report, please visit: <\/i><\/b>https:\/\/www.trendmicro.com\/explore\/en_gb_trendmicro-global-risk-study<\/i><\/a> <\/i><\/b><\/p>\n \u00a0<\/i><\/b><\/p>\n “IT leaders are self-censoring in front of their boards for fear of
The research reveals that just 50% of IT leaders and 38% of business
There’s also disagreement between IT and business leaders over who’s
\u00a0<\/p>\n This friction is causing potentially serious issues: 52% of
\u00a0<\/p>\n However, 31% of respondents believe cybersecurity is the biggest
\u00a0<\/p>\n There are three main ways respondents believe the C-suite will sit up
“To make cybersecurity a board-level issue, the C-suite must come to
\u00a0<\/p>\n
\nOutReach<\/a>\u00a0–\u00a016 November 2021 –\u00a0<\/span>Trend Micro Incorporated<\/a> (<\/span>TYO: 4704<\/a>;<\/span> TSE:
\n4704<\/a>), a global cybersecurity leader, today
\nannounced new research* revealing that <\/span>90% of IT
\ndecision makers claim their business would be willing to compromise on
\ncybersecurity in favor of digital transformation, productivity, or other goals.<\/span>
\nAdditionally, 82% have felt pressured to downplay the severity of cyber risks
\nto their board.<\/span><\/p>\n
\nappearing repetitive or too negative, with almost a third claiming this is a
\nconstant pressure. But this will only perpetuate a vicious cycle where the
\nC-suite remains ignorant of its true risk exposure,” said Bharat Mistry, UK
\ntechnical director for Trend Micro. “We need to talk about risk in a way that
\nframes cybersecurity as a fundamental driver of business growth \u2013 helping to
\nbring together IT and business leaders who, in reality, are both fighting for
\nthe same cause.”<\/p>\n
\n“IT decision makers should never have to downplay the severity of cyber risks
\nto the Board. But they may need to modify their language so both sides understand
\neach other,” said Phil Gough, Head of Information Security and Assurance at
\nNuffield Health. “That’s the first step to aligning business-cybersecurity
\nstrategy, and it’s a crucial one. Articulating cyber risks in business terms
\nwill get them the attention they deserve, and help the C-suite to recognise
\nsecurity as a growth enabler, not a block on innovation.”<\/p>\n
\ndecision makers believe the C-suite completely understand cyber risks. Although
\nsome think this is because the topic is complex and constantly changing, many
\nbelieve the C-suite either doesn’t try hard enough (26%) or doesn’t want (20%)
\nto understand.<\/p>\n
\nultimately responsible for managing and mitigating risk. IT leaders are nearly
\ntwice as likely as business leaders to point to IT teams and the CISO. 49% of
\nrespondents claim that cyber risks are still being treated as an IT problem
\nrather than a business risk.<\/p>\n
\nrespondents agree that their organization’s attitude to cyber risk is
\ninconsistent and varies from month to month. <\/p>\n
\nbusiness risk today, and 66% claiming it has the highest cost impact of any
\nbusiness risk \u2013 a seemingly conflicting opinion given the overall willingness
\nto compromise on security. <\/p>\n
\nand take notice of cyber risk:<\/p>\n\n
\norganization<\/li>\n
\nand more easily explain the business risk of cyber threats<\/li>\n
\nstart demanding more sophisticated security credentials<\/li>\n<\/ul>\n
\nview it as a true business enabler,” said Marc Walsh, Enterprise Security Architect at Coillte<\/a>. “This
\nwill prompt IT and security leaders to articulate their challenges to the board
\nin the language of business risk. And it will require prioritized, proactive
\ninvestments from the boardroom \u2013\u00a0not just band-aid solutions following a
\nbreach.”<\/p>\n