Cybersecurity solutions leader Trend Micro has revealed that IT executives responsible for cybersecurity feel a lack of support from company leaders, and 33 percent feel completely isolated in their role.
Here in the region security is still a reactive measure. Organisations with dedicated CISO’s are better placed with structured security strategies in place. Such organisations are seen to have better synergy between decision-makers and IT teams, working to keep the organisation safe. However, for the vast majority of organisations, IT teams are struggling to have their concerns and recommendations acknowledged, placing the entire organisation at risk.
“With a scattered approach to security, IT managers are constantly having to go over hurdles to keep their organisations safe, even with security now placed as the second highest risk in terms of doing business, here in the region,” said Dr. Moataz Bin Ali, VP, Trend Micro Middle East and North Africa. “The reactive approach to security, and the lack of organisational support for the IT teams, means that a robust security solution then becomes mandatory. We recognise the challenges security teams faces, especially in the face of rapid digital transformation, and organisations require a connected threat defense that offers a 360 view of the network, to help stretched security teams transform the passive approach to security to an active approach.”
Globally, IT teams are under significant pressure, with some of the challenges cited including prioritizing emerging threats (47 percent) and keeping track of a fractured security environment (43 percent). The survey showed that they are feeling the weight of this responsibility, with many (34 percent) stating that the burden they are under has led their job satisfaction to decrease over the past 12 months.
“Company leaders must recognise that any individual responsible for cybersecurity will be feeling the strain,” said Bharat Mistry, principal security strategist, Trend Micro. “As cyber-attacks increase in volume and sophistication, accountability needs to be shared. No business can afford for the IT function to be an island, because it will inevitably buckle. This means shifting the mindset from cybersecurity being a standalone initiative to a shared responsibility across an organisation.”
While 72 percent stated that cybersecurity is represented at the board level, many are still not benefitting from having a seat at the table, and the issue appears to be ineffective communication. Trend Micro’s survey showed that 44 percent struggle to translate complex threats to their organization’s leadership, and 57 percent say internal communication is the biggest cybersecurity challenge for their business.
Respondents revealed that it often takes a prominent cyberattack to get their voice heard, with 64 percent saying communication becomes easier in the wake of a high-profile cyberattack like WannaCry. This raises the question of how IT teams can break down these communication barriers before an incident occurs.
Mistry added, “Taking a place in the boardroom is only step one. IT professionals need to find ways to communicate the value of having security expertise embedded across the breadth of the organization. They could also strive to learn more from other business leaders about how they can better communicate risk, so they can make sure cybersecurity is front of mind in every department.”