Security isn’t getting more simple. In our most recent survey, the State of Cybersecurity Resilience survey 4,744 executives in the field of information security revealed their methods for ensuring cyber resilience and the overwhelming majority (81 percent) were of them saying that being ahead of attackers “is a constant battle and the cost is unsustainable.” The issue has become more difficult after nearly two years of remote working and a 32 percent rise in cyberattacks that have been successful over the next decade.
As the person who oversees the company and the business’s strategy, you’re already working with the rest of the board to ensure that cybersecurity requirements are balanced with the business strategy. In our study, we identified what makes organisations “cyber champions”–those which suffer from the least significant cyber attacks, experience a quicker reaction to remediation and detection and are better equipped to safeguard themselves from the loss of data, and strive to integrate cybersecurity into the overall business strategy. The companies that are “cyber champions,” which make up 5 percent of the sample, excel in striking the optimal balance between cyber resilience and business goals which is a crucial job that must be governed by the CEO and backed by the Board.
Based on our research board members can inspire their organisations to be Cyber champions through three crucial actions differently:
The first step is to first, invite your chief information security officers (CISO) to join the table.
Seventy percent of cyber-friendly companies have CISOs reporting to the CEO and the board. Additionally, they have an intimate rapport with chief financial officers (CFO)–cyber champion CISOs are reported to the CFO about cybersecurity seven times as frequently in comparison to other participants. CISOs are also able to meet with the chief executive officer as well as the chief financial officer to create the cybersecurity plan.
The Cyber Champions’ CISOs also have more freedom when it comes to cybersecurity budgeting. Not all of them need the CEO or board to approve it. (Also worth noting: for those who responded, the proportion of boards that approve cybersecurity budgets grew between 8 and 14 per cent for 2020, and 14 percent in the year ahead).
More CISOs report to the board — increasing between 19 and 23 percent by 2021. Even in the case that the CISO is already in the position of reporting to the board you could also help them to break away from security-focused silos and tap into the knowledge of your wider management team to help benefit the entire business.
The second is to be threat-focused and aligned with business
The ability to keep attackers from your premises requires security professionals to work closely with business executives to minimize the risk. This can help embed security into the business’s priority list.
By monitoring and measuring risk profiles, as 90% of cyber leaders do each year–and making the data accessible to the top management, CISOs can be in tune to the executive board, and match up with business, as per the majority of our security survey respondents.
As a member of the board, you’re in the ideal position to influence the company to become a champion of cyber. You are able to see all aspects of the business and be an intermediary between business leaders and CISO. This is an important time for the C-suite and boards for the majority of the business particularly CISOs to look at things from your point of view.
Third, make the most value from the cloud’s security.
Many business leaders are still concerned about data loss or security issues on the cloud. Recent Accenture research identified the risk of security and compliance as the top concern when it comes to cloud adoption. With the increasing shift towards cloud-based computing it is crucial that leaders recognize the value of cloud computing.
In enticing CISOs to use the opportunity to re-evaluate their organization’s security posture sooner and more efficiently–as the cyber-savvy C-suite does, the C-suite is assured that their overarching plan won’t fall apart further down the road or lead to having to undertake expensive work over and over once more.
A CISO from a global mining metals, petroleum, and metals company, who was interviewed by Accenture independently said “So much depends on whether an organization sees security as an enabler, rather than just [something] defending [against] bad outcomes.”
Cyber warriors understand that very well. They are the reason they collaborate closely with their business counterparts and break beyond the norm to be cyber-smart.
Prilient Technologies is a leading provider of complete cybersecurity services which include the most advanced cybersecurity, cyber defence solutions, and secured security services that are managed. We provide security innovations, combined to global reach and worldwide delivery capability , thanks to our global network that includes Advanced Technology and Intelligent Operations centers. With the help of our highly trained experts, we allow our customers to develop their ideas in a safe manner, increase cyber resilience and develop with confidence.