SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
ESG finds businesses improving with cybersecurity – but still a long way to go
Fri, 4th Aug 2017
FYI, this story is more than a year old

A new report has found CEOs and corporate boards no longer shy away from cybersecurity strategy as they might have done only five years ago.

Digital Shadows unveiled the findings of the study from top analysts at the Enterprise Strategy Group (ESG) that delves into the growing importance and rates of adoption of Digital Risk Management in business today.

According to ESG, progressive executives are now actually realising that cybersecurity risks ultimately equate to business risks, becoming part of their overall business strategy.

 ‘Many executives are beginning to realise they need to take a different stance on cybersecurity,” says senior principal analyst at ESG and writer of the report, Jon Oltsik.

“It Is no longer a case of just spending dollars on perimeter-focused cybersecurity but they need to move to a more holistic digital risk strategy designed to analyse threat intelligence, monitor deep web activities, track the posting of sensitive data, and oversee third parties.

According to ESG, the majority of executives no longer accept with ‘good enough' security, with most willing to invest in best practices and leading security defences to protect their organisations.

Despite this, there is still a long way to go. ESG asserts many organisations continue to think of cyber risk in terms of internal network penetration rather than as a more comprehensive strategy that includes all digital assets—websites, social networks, VIP and third-party partner exposure, etc.

In order to make progress in this area and address the full risk spectrum, the report affirms CISOs and risk officers MUST adopt a thorough digital risk management strategy that includes, monitoring, filtering, prioritising, and responding to threats across the public Internet and dark web.

“We know that a strong and resilient strategic digital risk management strategy should include policies and monitoring for targeted cyber threats; Infrastructure exposure, data loss; brand and VIP exposure, physical threats and third party risks to be truly effective,” says Alastair Paterson, CEO and co-founder of Digital Shadows.

“Digital Risk Management, which combines automation and human analytics, is becoming the critical component in your cyber security arsenal.