Tenable®, Inc., the Cyber Exposure company, published a global industry study that revealed the vast majority of organizations (94%) have encountered a business-impacting cyberattack in the past 12 months, according to both business and security executives. The data is drawn from ‘The Rise of the Business-Aligned Security Executive,’ a commissioned study of more than 800 global business and cybersecurity leaders conducted by Forrester Consulting on behalf of Tenable.
Business leaders want a good understanding of how they are at risk and how that risk is changing as they plan and execute business strategies. But only four out of ten security leaders say they can answer the fundamental question, “How secure, or at risk, are we?” with a high level of confidence, despite the prevalence of a business-impacting cyberattack. Fewer than 50% of security leaders said they are framing cybersecurity threats within the context of specific business risk. For example, though 96% of respondents had developed response strategies to the COVID-19 pandemic, 75% of business and security leaders admitted their response strategies were only “somewhat” aligned.
Organizations with security and business leaders who are aligned in measuring and managing cybersecurity as a strategic business risk deliver demonstrable results. Compared to their siloed peers, business-aligned security leaders are:
“In the future, there will be two kinds of CISO — those who align themselves directly with the business and everyone else. The only way to thrive in this era of digital acceleration is to bring cyber into every business question, decision and investment,” said Renaud Deraison, Chief Technology Officer and co-founder, Tenable. “We believe this study shows that forward-leaning organizations view cybersecurity strategy as essential to innovation and that when security and the business work hand-in-glove, the results can be transformational.”
