Many businesses forced to compromise security to focus on other goals
Most still think of cyber risks as an IT issue rather than a business risk
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
An overwhelming majority (90%) of IT decision makers claim their business would be willing to compromise oncybersecurityin favor ofdigital transformation, productivity, or other goals, suggests a new survey.
Conducted byTrend Micro, the survey focuses on the psychology of risk within an organization. Comparing the attitudes of IT and business leaders, the survey finds that 82% of IT decision makers have felt pressured to downplay the severity of cyber risks to their board.
“IT leaders are self-censoring in front of their boards for fear of appearing repetitive or too negative, with almost a third claiming this is a constant pressure. But this will only perpetuate a vicious cycle where the C-suite remains ignorant of its true risk exposure,” suggests Bharat Mistry, UK technical director for Trend Micro.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Click here to start the survey in a new window«
He suggests that IT leaders should talk about risk in a way that frames cybersecurity as a fundamental driver of business growth, in order to get them on the same platform as the business leaders.
Change the tone
According to the research only half of the IT leaders, and 38% of business decision makers believe that C-suite executives completely grasp cyber risks.
While some think this is because the topic is complex, many believe it is because the C-suite executives either don’t try hard enough (26%) or don’t want (20%) to understand.
Not surprisingly, 49% of respondents claim that cyber risks are still being treated as an IT problem rather than a business risk.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Phil Gough, Head of Information Security and Assurance at Nuffield Health believes that instead of downplaying the severity of cyber risks to the Board, IT decision makers should try to modify their language so both sides understand each other.
“That’s the first step to aligning business-cybersecurity strategy, and it’s a crucial one. Articulating cyber risks in business terms will get them the attention they deserve, and help the C-suite to recognize security as a growth enabler, not a block on innovation,” suggests Gough.
Highlighting another point of contention, the survey suggests that there’s also disagreement between IT and business leaders over who’s ultimately responsible for managing and mitigating risk. It finds that IT leaders are nearly twice as likely as business leaders to point the finger to IT teams.
Use thesebest firewall apps and servicesto build a digital moat around your network, and shield your computers with thesebest antivirus software
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics
This new phishing strategy utilizes GitHub comments to distribute malware
Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well
