A third of cybersecurity staff feel isolated from the business: study
More than a half of respondents to a Trend Micro survey say the biggest cybersecurity challenge is communicating threats internally
IT executives responsible for cybersecurity feel a lack of support from company leaders, and 33% feel completely isolated in their role, a new report by Trend Micro says.
Here in the region, security is still a reactive measure. Organisations with dedicated CISOs are better placed with structured security strategies in place. Such organisations are seen to have better synergy between decision makers and IT teams, working to keep the organisation safe. However, for the vast majority of organisations, IT teams are struggling to have their concerns and recommendations acknowledged, placing the entire organisation at risk.
“With a scattered approach to security, IT managers are constantly having to go over hurdles to keep their organisations safe, even with security now placed as the second highest risk in terms of doing business, here in the region,” commented Dr Moataz Bin Ali, VP for Trend Micro Middle East and North Africa. “The reactive approach to security, and the lack of organisational support for the IT teams, means that a robust security solution then becomes mandatory. We recognise the challenges security teams faces, especially in the face of rapid digital transformation, and organisations require a connected threat defence that offers a 360 view of the network, to help stretched security teams transform the passive approach to security to an active approach,” added Ali.
Globally, IT teams are under significant pressure, with some of the challenges cited including prioritising emerging threats (47%) and keeping track of a fractured security environment (43%). The survey showed that they are feeling the weight of this responsibility, with many (34%) stating that the burden they are under has led their job satisfaction to decrease over the past 12 months.
“Company leaders must recognise that any individual responsible for cybersecurity will be feeling the strain,” said Bharat Mistry, principal security strategist, Trend Micro. “As cyber-attacks increase in volume and sophistication, accountability needs to be shared. No business can afford for the IT function to be an island, because it will inevitably buckle. This means shifting the mindset from cybersecurity being a standalone initiative to a shared responsibility across an organisation.”
While 72% stated that cybersecurity is represented at the board level, many are still not benefitting from having a seat at the table, and the issue appears to be ineffective communication. Trend Micro’s survey showed that 44% struggle to translate complex threats to their organisation’s leadership, and 57% say internal communication is the biggest cybersecurity challenge for their business.
Respondents revealed that it often takes a prominent cyberattack to get their voice heard, with 64% saying communication becomes easier in the wake of a high-profile cyberattack like WannaCry. This raises the question of how IT teams can break down these communication barriers before an incident occurs.
Mistry continued, “Taking a place in the boardroom is only step one. IT professionals need to find ways to communicate the value of having security expertise embedded across the breadth of the organisation. They could also strive to learn more from other business leaders about how they can better communicate risk, so they can make sure cybersecurity is front of mind in every department.”