Account
Please wait, authorizing ...

Don't have an account? Register here today.

×

Disarticulation between security and management teams increases cyber risks

Desarticulación entre equipos de seguridad y dirección aumenta riesgos cibernéticos

International. Dynatrace released its annual CISO survey. This year, the global report reveals that organizations are struggling with internal communication barriers that hinder their ability to address cybersecurity threats.

The results indicate that CISOs find it difficult to drive alignment between security teams and senior management (C-level executives, Chief Officers), leaving gaps in the organization's understanding of cyber risk. As a result, they are more exposed to advanced cyber threats at a time when AI-driven attacks are on the rise.

The Mexican Market and Cybersecurity
The report, commissioned by Dynatrace and conducted by Coleman Parkes between March and April 2024, is based on a global survey of 1,300 CISOs and ten interviews with CEOs and CFOs of companies with more than 1,000 employees.

50% of CISOs in Mexico say there is a regular requirement to inform the CEO and board of directors about their cybersecurity risk and compliance posture. 66% of CISOs say their security tools have limited ability to generate insights that the CEO and board can use to understand business risks and prevent threats.

- Publicidad -

Mexican CISOs ranked their organizations' top priorities for cybersecurity management as follows:

  • Application security (i.e., vulnerability management).
  • Crisis management and response (i.e., data leakage and media focus).
  • Internal risk management/oversight (i.e., use of mobile devices).
  • 50% of organizations have experienced an application security incident in the last two years.
  • 90% of CISOs say application security is a blind spot at the CEO and board level.
  • 78% of CISOs say DevSecOps automation will be essential to their ability to stay on top of
  • emerging regulations such as the SEC's cybersecurity mandate such as NIS2 and DORA.
  • 92% of CISOs say DevSecOps automation is even more important for managing the risk of AI-introduced vulnerabilities.
  • 64% of CISOs struggle to drive DevSecOps automation due to their reliance on multiple application security tools.
  • Only 16% of CISOs say their organization has mature DevSecOps automation practices.

Findings from a global perspective
Lack of alignment between the C-level and the board of directors leads to cyber risks. CISOs struggle to drive alignment between security teams and C-suite; 87% of CISOs say application security is a blind spot at the CEO and board level.

Security teams are too technical. Seven out of ten C-suite executives interviewed say security teams speak in technical terms without providing business context. However, 75% of CISOs highlight that the problem stems from security tools that can't generate insights that C-level executives and boards can use to understand business risks and prevent threats.

AI is powering more advanced cyber threats. Addressing this technology and communications gap is becoming more critical as the rise of AI-driven attacks and cyber threats significantly increase business risk.

Against this backdrop, nearly three-quarters (72%) of CISOs say their organization has experienced an application security incident in the past two years. These incidents carry significant risk, and CISOs highlight the common consequences they've experienced including revenue impact (47%), regulatory fines (36%) and loss of market share (28%).

"Cybersecurity incidents can have devastating consequences for organizations and their customers, which is why the issue has rightly become a critical concern at the board level," said Bernd Greifeneder, CTO of Dynatrace. "However, many CISOs struggle to drive alignment between security teams and senior management because they can't bring bit-and-byte conversation to specific business risks. CISOs urgently need to find a way to overcome this barrier and create a culture of shared responsibility for cybersecurity. This will be critical to improving their ability to respond effectively to security incidents and minimizing their exposure to risk."

The report, 'The State of Application Security in 2024: The Imperative to Drive Greater Alignment Between the CISO, CEO, and Board', is available for download online.

Álvaro León Pérez Sepúlveda
Author: Álvaro León Pérez Sepúlveda
Editor - Latin Press, Inc.
Comunicador Social Periodista egresado de la Universidad de Antioquia, con más de 14 años de experiencia en medios periodísticos y proyectos de comunicación digital. [email protected]

No thoughts on “Disarticulation between security and management teams increases cyber risks”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis
SUBSCRIBE TO OUR ENGLISH NEWSLETTER
DO YOU NEED A SERVICE OR PRODUCT QUOTE?
LATEST INTERVIEWS

Webinar: Inteligencia Artificial en NVR & Cámaras Enforcer

https://www.ventasdeseguridad.com/2... Tema: Inteligencia Artificial en NVR & Cámaras Enforcer Por: Eduardo Cortés Coronado, Representante Comercial en México - SECO-LARM USA INC Fecha: Martes 28 de mayo, 2024 Hora: 10.00H (Colombia) 09:00H (México) Conozca cómo sacar ventaja de las funciones de inteligencia artificial en NVR´S 4K & cámaras IP enforcer, disuación activa, reconocimiento facial, reconocimiento de matriculas vehiculares, salidas alarma etc.

Webinar: NxWitness el VMS rápido fácil y ultra ligero

Webinar: Por qué elegir productos con certificaciones de calidad

Por: Eduardo Cortés Coronado, Representante Comercial - SECO-LARM USA INC La importancia de utilizar productos certificados por varias normas internacionales como UL , Ul294, CE , Rosh , Noms, hacen a tus instalciones mas seguras y confiables además de ser un herramienta más de venta que garantice nuestro trabajo, conociendo qué es lo que certifica cada norma para así dormir tranquilos sabiendo que van a durar muchos años con muy bajo mantenimiento. https://www.ventasdeseguridad.com/2...

Webinar: Anviz ONE - Solución integral para pymes

Por: Rogelio Stelzer, Gerente comercial LATAM - Anviz Presentación de la nueva plataforma Anviz ONE, en donde se integran todas nuestras soluciones de control de acceso y asistencia, video seguridad, cerraduras inteligentes y otros sensores. En Anviz ONE el usuario podrá personalizar las opciones según su necesidad, de forma sencilla y desde cualquier sitio que tenga internet. https://www.ventasdeseguridad.com/2...

Webinar: Aplicaciones del IoT y digitalización en la industria logística

Se presentarán los siguientes temas: • Aplicaciones del IoT y digitalización en la industria logística. • Claves para decidir el socio en telecomunicaciones. • La última milla. • Nuevas estrategias de logística y seguimiento de activos sostenibles https://www.ventasdeseguridad.com/2...
Load more...
SITE SPONSORS










LATEST NEWSLETTER
Latest Newsletter