40% Of Business Lose Out Due To Poor Cyber Security

New analysis reveals that nearly two in five companies have lost business due to lack of cyber security expertise. The September 2019 study conducted by Forrester shows that cyber security performance is vital to achieve commercial success and a higher focus on security can make all the difference to business.

Based on a survey of 207 security decision-makers with responsibility for risk, compliance, and/or communications with boards of directors, the study reviews how organisational error and technological complexities can inhibit businesses from accomplishing realistic security performance management.

Business leaders understand that security is a key differentiator for securing growth, with nearly three quarters of C-level respondents saying that improved security performance measurement would significantly improve company financial performance. Demands for cyber security reporting has intensified according to the study, with 79% of security decision-makers surveyed saying they had witnessed an increase. However, decision-makers say customers and partners receive some of the least accurate reporting of any security stakeholder, and 82% say that customer and partner perception of security is increasingly important, impacting the way their firm makes decisions.

The study also reports that cyber security risk ratings emerge as an early security metric bright spot with 45% of respondents using cyber security ratings, making it the third-most common metric overall.

The study reveals that commercial success is threatened due to errors in efficiently measuring security performance and communicating this to external stakeholders. Key weaknesses in measuring standards are revealed, highlighting that metrics are critical to improving communication around security performance. The study reveals companies that have formal security performance metrics in place are nearly two times more likely to develop security policies, update security technology and perform security trainings, than those that do not.

One out of five technically sound employees end up quitting their job if they find that the policies of the firm don’t comply with privacy norms, costing the firm £30,000 every time a skilled professional leaves the company, according to the study.

“Financial success, brand perception, business continuity and company reputation now all hinge on security performance,” said Tom Turner, CEO od security ratings firm, BitSight, which commissioned the report.

“But in order to effectively manage performance, you have to measure it. We think this study should serve as a call for security leaders and their executives and boards to take a close look at their strategies for security performance measurement and reporting, after all, their businesses are now on the line.”

Contiuity Insurance & Risk Magazine         Forrester Consulting

You Might Also Read: 

Employee Training Is Vital For Commercial Cybersecurity:

 

 

« AI Security Tool Thinks Much Faster Than Humans
More Girls Are Applying For Cyber Security Training »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

International Organization for Standardization (ISO)

International Organization for Standardization (ISO)

ISO is an independent, non-governmental international standards organization. The ISO/IEC 27001 is the standard for information security management systems.

Sandline Discovery

Sandline Discovery

Sandline Discovery provides digital forensics, eDiscovery solutions, managed review and litigation consulting services.

Fortra

Fortra

Fortra (formerly HelpSystems) is your cybersecurity ally, unified through the mission of providing solutions to organizations' seemingly unsolvable cybersecurity problems.

Sponge

Sponge

Sponge is a world-renowned digital learning provider on a mission to make learning unforgettable.

HITRUST Alliance

HITRUST Alliance

HITRUST provides widely-adopted common risk and compliance management frameworks, related assessment and assurance methodologies.

Satori Cyber

Satori Cyber

The Satori Cyber Secure Data Access Cloud is the first solution on the market to offer continuous visibility and granular control for data flows across all cloud and hybrid data stores.

Mitiga

Mitiga

Mitiga uniquily combines the top cybersecurity minds in Incident Readiness and Response with a cloud-based platform for cloud and hybrid environments.

UncommonX

UncommonX

UncommonX offers enterprise-class cybersecurity protection for mid-size organizations by combining adaptive threat and intelligence software with 24/7 industry experts.

LimaCharlie

LimaCharlie

LimaCharlie gives security teams full control over how they manage their security infrastructure. Get full visibility, build what you want, control your data, get the security capabilities you need.

Orro Group

Orro Group

Orro create 'future now' solutions that make it faster, simpler and safer for you to access, store and share information. Wherever, whenever and with whomever you want.

AccountabilIT

AccountabilIT

AccountabilIT is a full spectrum information technology services firm for enterprises with complex information technology needs seeking relief from those challenges.

TAFEcyber

TAFEcyber

TAFEcyber is an Australian based consortium focusing on the skilling of the fast-growing cyber security workforce through education and training.

DeviQA

DeviQA

DeviQA provide best-in-class quality assurance services to companies of all sizes.

Ethnos Cyber

Ethnos Cyber

Ethnos Cyber is Africa’s leading cybersecurity and compliance management company. We provide Information Security, Risk Management, Cybersecurity and Compliance Management solutions to clients.

NetAlly

NetAlly

NetAlly network test solutions help engineers and technicians better deploy, manage, maintain, and secure today’s complex wired and wireless networks.

Edera

Edera

Edera is changing the way containers are run and secured, making isolation a reality and fundamentally transforming computing in the process.