Intelligent CIO North America Issue 6 - Page 29

INFOGRAPHIC
Cybersecurity needs to mature as a business risk strategy
In order to protect themselves against such attacks in the future , business leaders need a clear picture of how vulnerable their company is and how risk changes as business strategies are planned and implemented . The study results show that 75 % of global business and security executives only ‘ partially ’ align their strategies . Current developments make it clear that security and business managers must start to pull together .
So , what has to change ? It is difficult for security leaders to get a comprehensive picture of weaknesses in the company without the proper people , processes and technology . It ’ s vital that they are able to identify which services and applications are critical to the business and then focus on them . To minimize the impact on their business , they need to work closely with their business partners and set priorities together .
vulnerabilities that are critical to the assets that have the greatest effect on the business . They will align the risk reporting in terms the business understands – customer churn as a result of a data breach or spoiled goods if a production line fails . This enables security leaders to provide an unambiguous , authoritative , answer when asked by business leaders , ‘ How secure , or at risk , are we ?’ p
Business leaders need a clear picture of how vulnerable their company is and how risk changes as business strategies are planned and implemented .
Currently , fewer than 50 % of security leaders worldwide frame the impact of cybersecurity threats within the context of a specific business risk . This must change quickly . Forward-thinking companies recognize the need to include cybersecurity in all business issues , decisions and investments . In fact , the study found that , when security and business leaders are aligned , they deliver positive results . Business-aligned security leaders are eight-times as likely as their more siloed peers to be highly confident in their ability to answer the question : ‘ How secure or at risk are we ?’
The only way to thrive is to include cyber considerations in every business question , decision and investment . Instead of talking about vulnerability reduction or offering tactical metrics about controls , businessaligned security leaders will confidently evaluate the
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 29