Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
New research from Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), reveals a disconnect between cybersecurity professionals and senior management. Despite widespread board-level ownership of cyber risk, almost half (49%) of UK cybersecurity professionals say management doesn’t pay sufficient attention to digital security. This points to a concern trend that cyber security is being treated as a tick-box exercise.
In the UK, a huge majority (94%) of cybersecurity professionals agree that there is a well-defined ownership of cyber risk at the board and management level, whether that sits with one individual (50%) or a committee (44%). Yet, three in ten (31%) respondents highlighted that cybersecurity is not being considered a priority by C-suite and board level which has become a significant challenge for the business. With ownership not equating to prioritisation in the cyber space, it’s no surprise that 41% call out feeling undervalued by their boss as one of their biggest frustrations.
“Ownership is not enough if it doesn’t translate into action. Creating a culture of cybersecurity across the organisation needs to be a priority on the board’s agenda today,” says Adam Philpott, Chief Revenue Officer, at Trellix. “The tone from the top must be conducive to robust cybersecurity management and so the board and cybersecurity experts need to find a common data-language to understand and discuss cyber risks, how to manage them and the board’s role in prioritising a strong security posture across the business.”
Fortunately, cybersecurity conversations are taking place in an organisation, two-thirds (66%) confirm that regular discussions on cybersecurity and compliance are held with management and the senior leadership team. Cyber resilience comes from collaboration and communication, yet these vary from business to business when a significant cybersecurity incident or cyber-attack occurs.
For example, while a quarter (25%) of UK cybersecurity professionals confirm that it is typically reported to the board within one hour, a similar proportion (26%) admit it takes at least a couple of days or longer to report it to senior management. This delay can mean the difference between successfully mitigating an attack and being faced with difficult consequences.
“As a CISO, CIO or CTO, this means clearly setting out what the top cyber security risks for the organisation are and the business impact if the organisation’s cybersecurity architecture is not fit-for-purpose to defend against today’s sophisticated and evolving attacks,” continued Philpott.
“Clear communication is vital to creating a resilient organisation with adaptive security through an interconnected XDR architecture which is able to give the board – and wider business – confidence.”
