Have working from home, growing threats from rogue states and criminal groups, and a lack of understanding of what companies really need to defend against created a ‘perfect storm’ in cybersecurity?
A new report from Savanti shows that attacks from nation-state actors are on the rise and are now more likely to target private companies than government agencies.
Of the organizations surveyed in the report, 90% believe they have been targeted by nation-state threat actors, with 39% citing Russia and 44% citing China.
Globally, cybercrime is projected to increase by 15% to reach over £12 trillion annually by 2025. This would make it the world’s third largest economy after China and the United States.
The Savanti report outlines how poor understanding of cybersecurity among enterprise leaders has led to a technology-focused approach applied in isolation, which fails to deliver holistic security and risk management.
Most importantly, according to the report, Chief Information Security Officers (CISOs) are recruited, managed and measured as technical experts, not business leaders. It is this skills gap that is making businesses increasingly vulnerable to cyberthreats.
Skills gaps are also creating unsustainable turnover. The average CISO tenure is 2.3 years, compared to 6.9 years for CEOs, 4.7 years for CFOs, and 4.6 years for CIOs, while the average CEO cycled through three CISOs during their tenure. and the company has a long-term strategy.
An analysis of recruitment and cyber investments by Savanti estimates the cost of poor CISO recruitment to be at least £7.6m.
This report provides many recommendations, including:
- CISOs should be recruited, managed, and measured as business leaders, not technical experts.
- Hiring should prioritize the CISO’s communication skills.
- Cyber risk should be owned by the board of directors, embedded in organizational processes, and led with sufficient budget and personnel to drive change across the organization.
- Cyber leaders must achieve change through influence, not control.
- Boards need independent and trusted cyber advisors, including former CISOs, to help effectively examine all aspects of cyber leadership and strategy.
- CISOs should be integrated into all positive aspects of business growth.
Savanti CEO Richard Brinson said:
“Companies cannot ‘offer’ cybersecurity to technical experts without fundamentally changing the way they operate their businesses.
“We need a new leadership model for the cyber age that ties security and business goals together and harnesses cybersecurity to enable, grow and protect businesses.”
The recent attack on NHS supplier software, Russia’s attack on the Ukrainian military via ViaSat, and the historically devastating NotPetya attack that nearly brought down global giant Maersk are just a few examples of the damage done by cyberattacks.