EDITOR’S QUESTION
WHAT MESSAGE WOULD
YOU GIVE TO BUSINESS
LEADERS WHO HAVE
NO INTENTION OF
IMPROVING THEIR
CYBER DEFENCES OVER
THE NEXT 12 MONTHS?
//////////////////////////////////////////////////////////////////////////////////////////////////////////
Report reveals one-third of business
leaders not intending to improve
overall defences in the next 12 months The report indicates that many business
leaders report that they do not understand
these commom cybersecurity threats:
V •
•
•
•
•
•
eracode Inc, a leader in securing the
world’s software, has released new
research revealing the widening gap
between software creation and software
security, with the rush to innovate outpacing
the urgency to secure the process.
Vulnerable software
Ransomware
Vulnerable open source components
Phishing attacks
Malicious employee activity
DDoS attacks
The Securing the Digital Economy report
highlights how investment in digital
transformation is rapidly accelerating, with
around one in five business leaders indicating
that their software budget had increased
50% or more over the past three years to
support digital transformation projects. The lack of understanding around cyber
risk may be attributed in part to a lack of
awareness of successful cyberattacks and their
causes. Because business leaders are unaware
of either the breaches themselves or the
underlying causes, they are not compelled to
learn about or defend against similar threats
their company could face. For example:
However, the increased software
development investment has not translated
to greater security budgets or awareness
of the security risks insecure software
introduces: only 50% of business leaders
surveyed understand the risk that vulnerable
software poses to their business. We are seeing some shift in awareness, of
the 33% who indicated that a cyberattack
on another company had led their business
to rethink its approach to cybersecurity,
many have either taken steps to improve
their software security or plan to over the
next 12 months.
34
INTELLIGENTCIO
While there may be some shift in awareness,
not all business leaders have woken up to the
risks of the evolving cyber threat landscape.
One-third of business leaders surveyed
revealed that they plan to take no new
steps to improve their organisations’ overall
cybersecurity in the next 12 months.
While high profile breaches do not in
themselves prompt great change in
behaviour, when confronted with the
possibility of personal accountability in the
event of a breach, executives are more likely
to take action. More than a third of the
business leaders surveyed said the personal
risk to executives outstripped compliance as
a driver for board members.
Articulating the potential brand damage for
senior executives from a data breach and the
risk to their job security was recommended
by 38% and 35% of business leaders
surveyed, respectively, as a way to engage
a board on cybersecurity, compared to
just 29% who suggested that highlighting
the potential fines of data protection
regulations, like GDPR.
www.intelligentcio.com