Elly Yates-Roberts |
Microsoft partner and cybersecurity firm Savanti has released a new report that highlights the ongoing ‘perfect storm’ occurring in cybersecurity.
Through the report, Savanti suggests that this has been caused by the combination of home working, which exposes businesses to greater vulnerabilities, threats from rogue states and criminal groups, and minimal understanding of what companies actually need to defend themselves.
It highlights that the threat environment is rapidly growing, with nation-state attacks increasing and now focusing on private companies rather than government agencies. In fact, 90 per cent of organisations believe they have been targeted by a nation-state threat actor, with 39 per cent citing Russia and 44 per cent China.
Savanti’s findings outline that cybersecurity leaders tend to deliver isolated, technically focused plans that ultimately fail to deliver holistic security and risk management. It specially draws attention to the fact that chief information security officers (CISOs) are hired, managed and evaluated as technical experts rather than business leaders, which is “leaving companies increasingly vulnerable to cyber threats”, says Savanti.
To address these challenges, the report recommends that CISOs be considered business leaders rather than technical experts, recruitment should prioritise communication skills for CISOs, and cyber risk should be embedded in organisational processes and driven with sufficient budget and staffing to drive organisation-wide change. It also suggests that businesses use trusted cyber advisors to evaluate all aspects of cyber leadership and strategy.
“Our report is a wake-up call for business leaders to stop treating cybersecurity as a compliance exercise – those days are gone,” said Richard Brinson, CEO of Savanti. “Businesses simply cannot ‘farm out’ cybersecurity to technical experts without fundamentally changing the way they operate.
“We need a new model of leadership for the cyber age that unites security and business goals and utilises cybersecurity to enable and grow businesses as well as protect them.”
Read the full Savanti report.