40% Of Business Lose Out Due To Poor Cyber Security

Uploaded on 2019-10-17 in TECHNOLOGY--Resilience, FREE TO VIEW

New analysis reveals that nearly two in five companies have lost business due to lack of cyber security expertise. The September 2019 study conducted by Forrester shows that cyber security performance is vital to achieve commercial success and a higher focus on security can make all the difference to business.

Based on a survey of 207 security decision-makers with responsibility for risk, compliance, and/or communications with boards of directors, the study reviews how organisational error and technological complexities can inhibit businesses from accomplishing realistic security performance management.

Business leaders understand that security is a key differentiator for securing growth, with nearly three quarters of C-level respondents saying that improved security performance measurement would significantly improve company financial performance. Demands for cyber security reporting has intensified according to the study, with 79% of security decision-makers surveyed saying they had witnessed an increase. However, decision-makers say customers and partners receive some of the least accurate reporting of any security stakeholder, and 82% say that customer and partner perception of security is increasingly important, impacting the way their firm makes decisions.

The study also reports that cyber security risk ratings emerge as an early security metric bright spot with 45% of respondents using cyber security ratings, making it the third-most common metric overall.

The study reveals that commercial success is threatened due to errors in efficiently measuring security performance and communicating this to external stakeholders. Key weaknesses in measuring standards are revealed, highlighting that metrics are critical to improving communication around security performance. The study reveals companies that have formal security performance metrics in place are nearly two times more likely to develop security policies, update security technology and perform security trainings, than those that do not.

One out of five technically sound employees end up quitting their job if they find that the policies of the firm don’t comply with privacy norms, costing the firm £30,000 every time a skilled professional leaves the company, according to the study.

“Financial success, brand perception, business continuity and company reputation now all hinge on security performance,” said Tom Turner, CEO od security ratings firm, BitSight, which commissioned the report.

“But in order to effectively manage performance, you have to measure it. We think this study should serve as a call for security leaders and their executives and boards to take a close look at their strategies for security performance measurement and reporting, after all, their businesses are now on the line.”

Contiuity Insurance & Risk Magazine         Forrester Consulting

You Might Also Read: 

Employee Training Is Vital For Commercial Cybersecurity:

 

 

« AI Security Tool Thinks Much Faster Than Humans
More Girls Are Applying For Cyber Security Training »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CyberDefenses

CyberDefenses

CyberDefenses services combine best-in-class cybersecurity oversight, managed services and training to help our clients truly address their cybersecurity challenges.

CERT.AZ

CERT.AZ

The national Cyber Security Center of the Republic of Azerbaijan.

I-Tracing

I-Tracing

I-TRACING are experts in IT security, specialized in legal compliance of information systems, security of information systems, and the collection of digital evidence and traces.

SERMA Safety & Security (S3)

SERMA Safety & Security (S3)

SERMA Safety & Security provides a comprehensive cybersecurity offering incorporating Expertise, Evaluation, Consultancy and Training, covering hardware, software and information systems.

Serverless Computing

Serverless Computing

Serverless Computing London will help architects, developers and CIOs decide on the best path to a more efficient, scalable and secure computing future.

ACM-CCAS

ACM-CCAS

ACM is a UKAS-accredited certification body helping businesses around the world perform to a higher standard. Our certifications include ISO 27001 and ISO 22301.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

VariQ

VariQ

VariQ is a premier provider of Cybersecurity, Software Development and Cloud services to federal, state, and local government.

Defscope

Defscope

Defscope is an Azerbaijani company entirely focused on cybersecurity offering training, security consulting, and other professional services.

National Cyber Coordination & Command Centre (NC4) - Malaysia

National Cyber Coordination & Command Centre (NC4) - Malaysia

NC4 is established as a center for dealing with cyber threats and crisis at the national level in Malaysia.

RAND Corporation

RAND Corporation

The RAND Corporation is a non-profit institution that helps improve policy and decision making through research and analysis.

Maltego Technologies

Maltego Technologies

Maltego is a comprehensive tool for graphical link analyses that offers real-time data mining and information gathering. Applications include cybersecurity threat intelligence and incident response.

Arakyta

Arakyta

Arakÿta specializes in business strategy, work flow process and IT systems for organizations.

Kralos

Kralos

Kralos are an experienced team of Software and IT experts, specialized in the development of innovative cybersecurity solutions.

SalvageData Recovery Services

SalvageData Recovery Services

Since 2003, SalvageData has been providing high-quality data recovery with the certifications needed to work with any storage media manufacturer.

Astreya

Astreya

Astreya is the leading IT solutions provider for some of the world's most recognizable and innovative organizations.