Here’s how businesses prioritize cybersecurity 

Only 1/3 of organizations involve cybersecurity function at the planning stage of a new business

Cybersecurity

Here’s how businesses prioritize cybersecurity. Source: shutterstock.com

EY Global Information Security Survey revealed that almost 60% of organizations have faced an increased number of disruptive attacks during 2019.

Moreover, over the last 12 months, activists were responsible for 21% of successful cyber-attacks compared to last year’s report. 2019’s study unveiled that just 12% of respondents considered activists to be the most likely source of an attack.

The survey showed that only 36% of technology-enabled business initiatives include the security team from the beginning, despite the rising risk of cyber-attacks.

Cybersecurity has traditionally been a compliance activity, bolted on by a checklist approach instead of built into every technology-enabled business initiative. This is not a sustainable model. If we ever hope to get ahead of the threat, we must focus on creating a culture of security by design. This can only be accomplished if we successfully bridge the divide between the security function and the C-suite and enable the chief information security officer (CISO) to act as a consultant and enabler instead of the stereotypical roadblock
Kris Lovejoy, EY Global Cybersecurity Leader, Advisory

The study unveiled there is a disconnect with other parts of the business, despite cybersecurity teams have good relations with adjacent functions such as IT, audit, risk and legal.

74% of the respondents said that the relationship between cybersecurity and marketing is neutral, if not mistrustful or non-existent. Meanwhile, 64% of them say the same about the research and development team and 59% for the lines of business.

Categories: All materials News Tech