Board members aren’t taking cybersecurity as seriously as they should

2021-02-01 05:00

Trend Micro shared results from a study that reveals systemic challenges with security integration into business processes.

The study found that only 23% of organizations prioritize the alignment of security with key business initiatives.

The study also found that when board members are more educated and engaged in the cybersecurity function, they ask tougher questions, dig deeper into issues, and are more likely to make the leap from technical to business issues.

The lack of cybersecurity prioritization of security is particularly true in the boardroom.

Although 85% of respondents claimed that the board of directors are more engaged in security decisions and strategy than two years ago, often those executives are passively drawn in because of a major breach, new compliance requirements or the creation of a security program by a CISO. In fact, 44% of respondents indicated that their board of directors have limited involvement in many critical cybersecurity operations.

"Striving for 'good enough' security is frankly not good enough given today's cyber risk landscape. This report mirrors many of my conversations with CISOs highlighting that lack of boardroom engagement can lead to poor cyber hygiene, and security that is not properly integrated into business processes," said Ed Cabrera, chief cybersecurity officer for Trend Micro.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/bBpOTDCDcVw/

#cybersecurity