40% Of Businesses Lose Out Due To Poor Cyber Security

New analysis reveals that nearly two in five companies have lost business due to a lack of cyber security expertise. The September 2019 study conducted by Forrester shows that cyber security performance is vital to achieving commercial success and that a higher focus on security can make all the difference to business.

Based on a survey of 207 security decision-makers with responsibility for risk, compliance, and/or communications with boards of directors, the study reviews how organisational error and technological complexities can inhibit businesses from accomplishing realistic security performance management.

Business leaders understand that security is a key differentiator for securing growth, with nearly three quarters of C-level respondents saying that improved security performance measurement would significantly improve company financial performance. Demand for cyber security reporting has intensified, according to the study, with 79% of security decision-makers surveyed saying they had witnessed an increase. However, decision-makers say customers and partners receive some of the least accurate reporting of any security stakeholder, and 82% say that customer and partner perception of security is increasingly important, impacting the way their firm makes decisions.

The study also reports that cyber security risk ratings emerge as an early security metric bright spot with 45% of respondents using cyber security ratings, making it the third-most common metric overall.

The study reveals that commercial success is threatened due to errors in efficiently measuring security performance and communicating this to external stakeholders. Key weaknesses in measuring standards are revealed, highlighting that metrics are critical to improving communication around security performance. The study reveals that companies with formal security performance metrics in place are nearly two times more likely to develop security policies, update security technology and perform security training than those that do not.

One out of five technically sound employees end up quitting their job if they find that the policies of the firm don’t comply with privacy norms, costing the firm £30,000 every time a skilled professional leaves the company, according to the study.

“Financial success, brand perception, business continuity and company reputation now all hinge on security performance,” said Tom Turner, CEO of security ratings firm BitSight, which commissioned the report.

“But in order to effectively manage performance, you have to measure it. We think this study should serve as a call for security leaders and their executives and boards to take a close look at their strategies for security performance measurement and reporting, after all, their businesses are now on the line.”

Continuity Insurance & Risk Magazine, Forrester Consulting
