Board members aren’t taking cybersecurity as seriously as they should


Trend Micro shared results from a study that reveals systemic challenges with security integration into business processes. The report includes the top ways to drive engagement and agreement around cybersecurity strategies within an organization.



The study found that only 23% of organizations prioritize the alignment of security with key business initiatives. Here are three key recommendations to remedy this core challenge:


Add a Business Information Security Officer (BISO) to improve business-security alignment.
Build a top-down, measurable program to help CISOs better communicate with their boards.
Change reporting structures so CISOs report directly to their CEO.

Security still viewed as primarily a technology area


The study also found that when board members are more educated and engaged in the cybersecurity function, they ask tougher questions, dig deeper into issues, and are more likely to make the leap from technical to business issues.


82% of survey respondents claimed that cyber risk has increased in the past two years, thanks primarily to a rise in threats, an expanding corporate attack surface and the fact that business processes are more dependent than ever on technology.


Yet despite the rapid adoption of digital transformation processes in the past year, security is still viewed as primarily (41%) or entirely (21%) a technology area.


Board members and cybersecurity prioritization


The lack of cybersecurity prioritization is particularly true in the boardroom. Although 85% of respondents claimed that the board of directors is more engaged in security decisions and strategy than two years ago, often those executives are passively drawn in because of a major breach, new compliance requirements or the ..
