Story image

ESG finds businesses improving with cybersecurity – but still a long way to go

04 Aug 17

A new report has found CEOs and corporate boards no longer shy away from cybersecurity strategy as they might have done only five years ago.

Digital Shadows unveiled the findings of the study from top analysts at the Enterprise Strategy Group (ESG) that delves into the growing importance and rates of adoption of Digital Risk Management in business today.

According to ESG, progressive executives are now actually realising that cybersecurity risks ultimately equate to business risks, becoming part of their overall business strategy.

 ‘Many executives are beginning to realise they need to take a different stance on cybersecurity,” says senior principal analyst at ESG and writer of the report, Jon Oltsik.

“It Is no longer a case of just spending dollars on perimeter-focused cybersecurity but they need to move to a more holistic digital risk strategy designed to analyse threat intelligence, monitor deep web activities, track the posting of sensitive data, and oversee third parties.”

According to ESG, the majority of executives no longer accept with ‘good enough’ security, with most willing to invest in best practices and leading security defences to protect their organisations.

Despite this, there is still a long way to go. ESG asserts many organisations continue to think of cyber risk in terms of internal network penetration rather than as a more comprehensive strategy that includes all digital assets—websites, social networks, VIP and third-party partner exposure, etc.

In order to make progress in this area and address the full risk spectrum, the report affirms CISOs and risk officers MUST adopt a thorough digital risk management strategy that includes, monitoring, filtering, prioritising, and responding to threats across the public Internet and dark web.

“We know that a strong and resilient strategic digital risk management strategy should include policies and monitoring for targeted cyber threats; Infrastructure exposure, data loss; brand and VIP exposure, physical threats and third party risks to be truly effective,” says Alastair Paterson, CEO and co-founder of Digital Shadows.

“Digital Risk Management, which combines automation and human analytics, is becoming the critical component in your cyber security arsenal.”

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.