Cybersecurity unaligned with business goals is reactive … and flawed: Study

2023-04-03 17:20

A new report by cybersecurity firm WithSecure, based on a survey of more than 400 global cybersecurity and IT decision-makers conducted by Forrester Consulting, suggests that many organizations are reactive in their approach to defending against threats, and piecemeal when it comes to cybersecurity investments.

The result? Security goals become detached from business goals, resulting in organizations investing in defenses against threats that aren't relevant to their business or goals.

Figure A. Paul Brucciani, cybersecurity adviser and head of product marketing for solutions at WithSecure, said that the concept of outcome-based cybersecurity constitutes both a way to make cybersecurity executions align with business goals, and to reduce clutter and redundancy of security solutions and tactics.

One-fifth of companies align cybersecurity with business priorities.

Cybersecurity budgets are rising, but could the sheer size and scope of the cybersecurity service market be driving IT buyers to allocate budgets haphazardly?

"Cybersecurity is a massive business; depending on how you define the market there are 10,000 cybersecurity companies in the world which creates a noisy marketplace, and many of those companies are venture capital backed, so their job is to get to market as fast as possible. As a consequence it creates a market that is difficult to navigate, with the added challenge of measuring quality: Buyers have no way of assessing the quality of what they are being sold," Brucciani said.

News URL

https://www.techrepublic.com/article/withsecure-cybersecurity-report-flawed/

#cybersecurity