Cybersecurity often out of sync with business goalsEscrito por Redacción TNI el 12/09/2023 a las 18:12:541020
97% of respondents’ organizations face challenges in trying to align cybersecurity priorities with business outcomes, according to a commissioned study conducted by Forrester Consulting on behalf of WithSecure™ (formerly known as F-Secure Business).
According to the study’s spotlight, the challenges fall into three categories: conflicting goals, complexity of environment, and privacy requirements.
Notably, conflicting goals was among top challenges identified by respondents from several verticals, including the public sector and healthcare (38%), utilities and telecommunications (38%), retail and wholesale (43%), media, entertainment, and leisure (47%), and financial services and insurance (47%).
Only respondents from manufacturing, and business services and construction, did not identify conflicting goals as one of their top three challenges.
WithSecure™ Chief Information Security Officer Christine Bejerasco, who has given talks on how organizations can address such challenges, said that it requires cybersecurity professionals to develop a different strategic approach to how they think about their jobs.
“It can be difficult for security practitioners to see their work in relation to a business’ purpose or objectives, but that’s really how many boards or executives view security work. However, the transition to outcome-based security doesn’t necessarily involve abandoning traditional metrics. It means explicitly recognizing the value of those metrics in relation to how they benefit the organization and its objectives,” she said.
93% of survey respondents said their organizations struggle with measuring their cybersecurity performance in relation to business outcomes, making this a genuine pain point.
Security Outcome Canvas
According to the study, 99% of survey respondents’ organizations are looking at outcome-based security. 83% said they were interested in, planning to adopt, or expanding adoption of outcome-based cybersecurity solutions and services to achieve business outcomes.
In order to help these organizations, WithSecure™ published a Security Outcome Canvas designed by Bejerasco that maps out connections between security and business outcomes, which is available at https://www.withsecure.com/en/security-outcomes/security-outcomes-canvas.
The July 2023 Forrester Consulting spotlight, Amplify Resilience, Productivity, And Competitiveness With Cybersecurity: A Spotlight On Industry, is available at https://www.withsecure.com/en/security-outcomes/make-cyber-security-outcomes-work-for-you.
Noticias Relacionadas:WithSecure cofounds CYBERSPACE project to counter cyber crime in Europe WithSecure Detects New Infostealer Malware DUCKTAIL |