TRENDING INFOGRAPHIC
Study reveals 94 % of global organizations suffered one or more businessimpacting cyberattacks
Tenable illustrates the findings of a commissioned study conducted by Forrester Consulting which shows why cybersecurity risk strategies need to mature and how organizations need to act in order to thrive in a secure business environment .
How secure or at risk are organizations
from cyberattacks ? Only four out of
10 security leaders can answer this question with a high level of confidence . The Rise of the Business-Aligned Security Executive , a commissioned study conducted by Forrester Consulting on behalf of Tenable , surveyed over 800 security and business leaders . Its findings are sobering , with 94 % of respondents confirming their organization had suffered one or more business-impacting cyberattacks in the last year – that is , an attack resulting in a loss of customer , employee , or other confidential data ; interruption of day-to-day operations ; ransomware payout ; financial loss or theft ; and / or theft of intellectual property . Roughly two-thirds ( 65 %) said these attacks involved Operational Technology ( OT ) assets .
Multiple attacks were not uncommon , with 46 % confirming they ’ d weathered five or more business-impacting cyber events in the last 12 months .
The same study found that 68 % of respondents said they ’ d experienced an increase in the number of businessimpacting cyberattacks in the last two years . When looking to the future , 77 % of respondents expect an increase in cyberattacks over the next two years .
Cybersecurity needs to mature as a business risk strategy
In order to protect themselves against such attacks in the future , business leaders need a clear picture of how vulnerable their company is and how risk changes as business strategies are planned and implemented . The study results show that 75 % of global business and security executives only ‘ partially ’ align their strategies . Current developments make it clear that security and business managers must start to pull together .
So , what has to change ? It is difficult for security leaders to get a comprehensive picture of weaknesses in the company without the proper people , processes and technology . It ’ s vital that they are able to identify which services and applications are critical to the business and then focus on them .
To minimize the impact on their business , they need to work closely with their business partners and set priorities together .
Currently , fewer than 50 % of security leaders worldwide frame the impact of cybersecurity threats within the context of a specific business risk .
This must change quickly . Forward-thinking companies recognize the need to include cybersecurity in all business issues , decisions and investments . In fact , the study found that , when security and business leaders are aligned , they deliver positive results . Business-aligned security leaders are eighttimes as likely as their more siloed peers to be highly confident in their ability to answer the question : ‘ How secure or at risk are we ?’
The only way to thrive is to include cyber considerations in every business question , decision and investment . Instead of talking about vulnerability reduction or offering tactical metrics about controls , businessaligned security leaders will confidently evaluate the vulnerabilities that are critical to the assets that have the greatest effect on the business .
They will align the risk reporting in terms the business understands – customer churn as a result of a data breach or spoiled goods if a production line fails . This enables security leaders to provide an unambiguous , authoritative , answer when asked by business leaders , ‘ How secure , or at risk , are we ?’ •
“
CURRENT DEVELOPMENTS MAKE IT CLEAR THAT SECURITY AND BUSINESS MANAGERS MUST START TO PULL TOGETHER .
28 INTELLIGENTCIO www . intelligentcio . com