Almost two-thirds (61%) of IT security decision-makers (ITSDMs) believe that their company leadership overlooks the role of cybersecurity in business success, leading many to fall beneath the mark, new research has claimed.
A study of more than 2,000 ITSDMs across 23 countries by Delinea found a disconnect between cybersecurity and business goals had negative consequences in virtually nine in 10 (89%) cases.
This, according to the findings, resulted in an increased level of threat from cyber attacks, placing businesses at an otherwise avoidable risk.
Cybersecurity is being underestimated
More than one-third (36%) of the respondents believed that their company’s Board and C-Suite members saw cybersecurity only as a compliance and regulatory necessity, with an astonishing 17% failing to see it as a priority.
Precisely what is to blame differs for each company, however some of the key findings were delays in investments, delays in strategic decision-making, and unnecessary increases in spending.
Looking ahead, Delinea has suggested some important areas for attention both for companies that have failed to meet the mark, and those that have performed satisfactorily, because “there is still room to improve.”
Regular meetings between teams and execs are important to share and disseminate findings, while embedding security workers into various business operations can result in better cybersecurity performance.
This is all in an effort to not only prevent attacks but to meet compliance objectives and reduce the cost of security incidents, all of which ranked similarly important across the survey’s participants.
Chief Security Scientist and Advisory CISO Joseph Carson explained: “Executive leaders need to think of cybersecurity not only in terms of ticking the compliance box or protecting the company, but also in terms of the value it can deliver at a more strategic level,” describing the alignment between cybersecurity and business goals as “essential for success.”
