Organizations have become far more vulnerable to cyberthreats because digital information and technology are now so heavily integrated into day-to-day work.
create a greater number and variety of connections that can be targets of cyberattacks.

make it hard to keep track of the growing number of information security controls, requirements and threats.

will persist as organizations continue to struggle to establish minimum but robust controls for third parties — especially as most vendors, in particular cloud vendors, are themselves relying on third parties.
has grown to unprecedented levels as new digital initiatives, frequently based in the public cloud, are deployed before the security issues are addressed.

are engineered to orchestrate sensing, computation, control, networking and analytics to interact with the physical world. Connecting the digital and physical worlds presents a unique and growing area of vulnerability.

Cybersecurity is interconnected with many other forms of enterprise risk, and the threats and technologies are evolving quickly. Given this, multiple stakeholders must work together to ensure the right level of security and guard against blind spots.

But despite the growing view that cybersecurity is a business risk, accountability for cybersecurity still falls mostly on the shoulders of IT leaders. A 2021 Gartner survey found that the CIO, CISO or their equivalent were held accountable for cybersecurity at 85% of organizations. Non-IT senior managers held accountability in only 10% of organizations surveyed, and only 12% of boards have a dedicated board-level cybersecurity committee.

To ensure adequate security, CIOs should work with their boards to ensure that responsibility, accountability and governance are shared by all stakeholders who make business decisions that affect enterprise security.

used today are trailing indicators of factors the organization does not control. Instead, focus on metrics related to specific outcomes that prove your cybersecurity program is credible and defensible.
Gartner expects that by 2024, 80% of the magnitude of fines regulators impose after a cybersecurity breach will result from failures to prove the duty of due care was met, as opposed to the impact of the breach.

Consistency metrics assess whether controls are working consistently over time across an organization.
Adequacy metrics assess whether controls are satisfactory and acceptable in line with business needs.
Reasonableness metrics assess whether the controls are appropriate, fair and moderate.
Effectiveness metrics assess whether the controls are successful and/or efficient in producing a desired or intended outcome.

The amount you spend on cybersecurity does not reflect your level of protection, nor does what others spend inform your level of protection compared to theirs. Most monetary representations of risk and security readiness are neither credible nor defensible, and, even when they are credible, they do not support daily decision making related to priorities and investments in security.

Use outcome-driven metrics (ODMs) to enable more effective governance over cybersecurity priorities and investments. ODMs don’t measure, report or influence investments by threat type; it is outside your control to align spending to address ransomware, attacks or hacking. Rather, align investments to the controls that address those threats.

but it can align investments to three critical controls: back up and restore, business continuity and phishing training. The ODMs of these three controls reflect how well the organization is protected against ransomware and what that level of protection costs — a business-based analysis that tells a compelling story for the board and other senior leaders.

Note that a control can be any combination of people, process and technology that you own, manage and deploy to create a level of protection for the organization. Take a cost optimization approach to evaluate the cost, value and the level of risk managed for each control.
Generally, better protection will be more expensive.