Dive Brief:
- More than half of cyber resilient companies have frequent communication with senior leaders, according to a Ponemon Institute Cyber Resilience survey of more than 3,600 IT and security professionals internationally, sponsored by IBM Security.
- The communication breaks down barriers for investments. More than 80% of respondents in high performing organizations were able to invest in automation for cyber resilience.
- Nearly three-quarters of high-performing organizations are highly confident in their ability to prevent a cyberattack. About half of the remaining respondents feel the same.
Dive Insight:
Cybersecurity is a key pressure point in IT. It restricts employees from deploying tools at will and adds stress to those in charge of governance.
But when the average cybercrime costs a company about $13 million, non-technical leadership's commitment to security is heightened. CEOs named cybersecurity their No. 1 external threat for 2019.
CISOs are not the only ones responsible for setting the security posture for an organization. The empowerment from other leadership enables security professionals to ensure the integrity of their digital economy as more tools are introduced by non-technical employees.
Human error is at the root of undermining internal security practices. About 79% of tech leaders believe employees unintentionally put their companies at risk in the last 12 months.
"Curious" employees are those who fall somewhere between malicious and ignorant and security leaders need established guidelines for acceptable IT behaviors, such as allocating privileged credentials and limiting unapproved digital services.