Survey Finds Disconnect Between Security Strategy and Execution
A recent survey by Intel Security and the Center for Strategic and International Studies (CSIS) discovered a disconnect between strategy and implementation for business cybersecurity programs. While executives are happy in the belief that their security measures are effective, executioners have a different story to tell.
The report says there are three basic misalignments in the current corporate world that give cybercriminals an edge. These involve bureaucracy, strategy implementation and disparity between executives and implementers. While 93% of businesses claim to have a strategy in place, only 49% report its implementation. Even though 60% of IT executives believe their strategy execution is complete, only 30% of the implementers agree.
“It’s not a matter of ‘what’ needs to be done, but rather determining ‘why’ it’s not getting done, and ‘how’ to do it better,” says Denise Zheng of CSIS.
Despite recognizing the seriousness of cybersecurity, around 54% executives say reputation is more important to their organizations.
Candace Worley of Intel Security explains: “For IT and cyber professionals in government and business to compete with attackers, they need to be as nimble and agile as the criminals they seek to apprehend, and provide incentives that IT staff value.”
Read full survey here.
Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
Article source: http://www.darkreading.com/risk/survey-finds-disconnect-between-security-strategy-and-execution/d/d-id/1328300?_mc=RSS_DR_EDT