Security News > 2023 > April > Corporate boards pressure CISOs to step up risk mitigation efforts
The top challenges when implementing an effective cyber/IT risk management program include an increase in the quantity and severity of cyber threats, a lack of funding and a lack of staffing/cyber risk talent.
Given the financial and reputational consequences of cyberattacks, corporate board rooms are putting pressure on CISOs to identify and mitigate cyber/IT risk.
Despite the new emphasis on risk management, business leaders still don't have a firm grasp on how cyber risk can impact different business initiatives-or that it could be used as a strategic asset and core business differentiator.
20% of healthcare respondents rate their risk management software as being somewhat effective or less effective in mitigating risk.
"When it comes to strategic decision-making around business initiatives, cyber and IT risk can be an invaluable tool that not only better protects an organization but propels growth. However, to be able to use cyber risk to their advantage, company boards have to first understand it," said Michael Maggio, CEO an CPO of RiskOptics.
"Our report indicates that there are still major hurdles teams need to overcome when communicating risk and more efficiently managing workloads. Organizations must re-assess their current processes and systems, embrace automation and put risk in the context of the business. Only then will executives be able to see the opportunity that risk can provide when proactively managed: a strategic advantage," concluded Maggio.
News URL
https://www.helpnetsecurity.com/2023/04/26/effective-it-risk-management/