Despite their best efforts and investments, some organizations still experience difficulty as a result of organizational, operational and even cultural differences between their IT security and business risk functions. These gaps can be seen in the ways security and risk teams describe their environments, their challenges, and their relationships with one another.
In early 2018, RSA® commissioned the Cybersecurity and Business Risk Survey, executed by Enterprise Strategy Group (ESG), to learn more about the challenges and priorities of IT security and business risk professionals.
RSA’s new report, “Pain and Progress: The RSA Cybersecurity and Business Risk Study,” reflects findings from the survey and is intended as a glimpse into the minds of security and risk leaders. It describes the pain these teams feel in pursuit of protecting their organizations’ digital assets and data, in the face of challenges from the forces of modernization, malice and mandates.
For example, when asked if their organization had experienced a security breach in the past two years, 70 percent of respondents confirmed they had, and 85 percent of those who had experienced a breach in the past two years said their organization had actually experienced two or more in that timeframe.
RSA’s study revealed another trend — that IT security and business risk teams are breaking out of their silos and starting to work more closely together toward their common goal of managing the organization’s digital risk. Most respondents (82 percent) said their organizations consider security breaches as a business risk, not (Read more...)
*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Peter Beardmore. Read the original post at: http://www.rsa.com/en-us/blog/2018-04/pain-and-progress-in-managing-digital-risk.html