- Half are too busy dealing with today’s threats to plan for tomorrow’s
- 70 per cent know that they must change to be successful
More than half of businesses (51 per cent) are focused on today’s cyber threats at the expense of tomorrow’s, according to new research from Accenture. Chief Information Security Officers are also under pressure, with half of them saying their responsibilities are growing faster than they can handle.
The majority (70 per cent) of the 1,500 executives surveyed globally recognise that their cybersecurity measures must change. The threats they face are made worse as they become more connected and data-driven, which will only continue in the future. Too many businesses are still stuck in the traditional investment cycles, focusing their cybersecurity budgets on protecting IT systems and servers. This leads to a neglect of data and the huge number of connections between their networks and the outside world. This leaves them more and more vulnerable to attack every day.
Nick Taylor, Accenture Security Lead, UK and Ireland said: “Businesses need a cyber security policy that makes them more resilient as the nature of threats changes quickly. A tactical approach that focuses only on addressing today’s threats will get caught out tomorrow. It’s like locking your door but leaving the windows open. A triple header of threat hunting, rapid response and process change will create the resiliency needed to adapt to new threats as they arise.”
One of the biggest challenges companies will face is a disconnect between Chief Information Security Officers (CISOs) and the rest of the business. Business leaders and CISOs do not collaborate on a cybersecurity plan and budget in 70 per cent of organisations.
To make things worse, they do not speak the same language. Two thirds of CISOs think that business leaders can’t understand the technical nature of cybersecurity reports; while more than half (54 per cent) do not understand the language of the business.
Nick Taylor, added: “Putting security at the heart of everything you do is the only way to become as cyber resilient as you can be. It may sound obvious, but many companies still don’t connect their security experts with the rest of the business and that’s a problem. There are many challenges and the nature of cyber threats is changing every day. Companies need to build an ark, because heavier rains are coming, and the best way to do that is for business leaders and CISOs to work hand in hand.”