40% Of Businesses Lose Out Due To Poor Cyber Security

New analysis reveals that nearly two in five companies have lost business due to a lack of cyber security expertise. The September 2019 study conducted by Forrester shows that cyber security performance is vital to achieving commercial success and that a higher focus on security can make all the difference to business.

Based on a survey of 207 security decision-makers with responsibility for risk, compliance, and/or communications with boards of directors, the study reviews how organisational error and technological complexities can inhibit businesses from accomplishing realistic security performance management.

Business leaders understand that security is a key differentiator for securing growth, with nearly three quarters of C-level respondents saying that improved security performance measurement would significantly improve company financial performance. Demand for cyber security reporting has intensified, according to the study, with 79% of security decision-makers surveyed saying they had witnessed an increase. However, decision-makers say customers and partners receive some of the least accurate reporting of any security stakeholder, and 82% say that customer and partner perception of security is increasingly important, impacting the way their firm makes decisions.

The study also reports that cyber security risk ratings emerge as an early security metric bright spot with 45% of respondents using cyber security ratings, making it the third-most common metric overall.

The study reveals that commercial success is threatened due to errors in efficiently measuring security performance and communicating this to external stakeholders. Key weaknesses in measuring standards are revealed, highlighting that metrics are critical to improving communication around security performance. The study reveals that companies with formal security performance metrics in place are nearly two times more likely to develop security policies, update security technology and perform security training than those that do not.

One out of five technically sound employees ends up quitting their job if they find that the policies of the firm don’t comply with privacy norms, costing the firm £30,000 every time a skilled professional leaves the company, according to the study.

“Financial success, brand perception, business continuity and company reputation now all hinge on security performance,” said Tom Turner, CEO of security ratings firm BitSight, which commissioned the report.

“But in order to effectively manage performance, you have to measure it. We think this study should serve as a call for security leaders and their executives and boards to take a close look at their strategies for security performance measurement and reporting, after all, their businesses are now on the line.”

Continuity Insurance & Risk Magazine; Forrester Consulting
