Almost all businesses feel impact of cyber attacks

Yet only four out of 10 security leaders in the UK can answer the question, “How secure, or at risk, are we?”

  • 3 years ago Posted in
Tenable has published a global industry study that reveales the vast majority of UK organisations (96%) have experienced a business-impacting cyberattack in the past 12 months, according to both business and security executives. The data is drawn from ‘The Rise of the Business-Aligned Security Executive,’ a commissioned study of more than 800 global business and cybersecurity leaders, including 103 respondents in the UK, conducted by Forrester Consulting on behalf of Tenable.

 

As cybercriminals continue their relentless attacks, 63% of respondents in the UK have witnessed a dramatic increase in the number of business-impacting cyberattacks over the past two years. Unfortunately, these attacks had damaging effects, with organisations reporting loss of employee data (44%), financial loss or theft (36%) and customer attrition (34%). Sixty-five percent of security leaders in the UK say these attacks also involved operational technology (OT).

Business leaders want a clear picture of how at risk they are and how that risk is changing as they plan and execute business strategies. But only four out of 10 of local security leaders say they can answer the fundamental question, “How secure, or at risk, are we?” with a high level of confidence, despite the prevalence of business-impacting cyberattacks.

 

Looking at global respondents, fewer than 50% of security leaders said they are framing cybersecurity threats within the context of a specific business risk. For example, though 96% of respondents had developed response strategies to the COVID-19 pandemic, 75% of business and security leaders admitted their response strategies were only “somewhat” aligned.

 

Organisations with security and business leaders who are aligned in measuring and managing cybersecurity as a strategic business risk deliver demonstrable results. Compared to their siloed peers, business-aligned security leaders are:

       Eight times more likely to be highly confident in their ability to report on their organisations’ level of security or risk.

       90% are very or completely confident in their ability to demonstrate that cybersecurity investments are positively impacting business performance compared with 55% of their siloed counterparts.

       85% have metrics to track cybersecurity ROI and impact on business performance versus just 25% of their siloed peers.

       Organisations with business-aligned cybersecurity leaders are also:

       Three times [3.2x] more likely to ensure cybersecurity objectives are in lock step with business priorities.

       Three times [3.3x] more likely to have a holistic understanding of their organisation’s entire attack surface.

       Three times [3.3x] more likely to use a combination of asset criticality and vulnerability data when prioritizing remediation efforts.

 

“In the future, there will be two kinds of CISO -- those who align themselves directly with the business and everyone else. The only way to thrive in this era of digital acceleration is to bring cyber into every business question, decision and investment,” said Renaud Deraison, Chief Technology Officer and co-founder, Tenable. “We believe this study shows that forward-leaning organisations view cybersecurity strategy as essential to innovation and that when security and the business work hand-in-glove, the results can be transformational.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...