Story image

ESG finds businesses improving with cybersecurity – but still a long way to go

04 Aug 2017

A new report has found CEOs and corporate boards no longer shy away from cybersecurity strategy as they might have done only five years ago.

Digital Shadows unveiled the findings of the study from top analysts at the Enterprise Strategy Group (ESG) that delves into the growing importance and rates of adoption of Digital Risk Management in business today.

According to ESG, progressive executives are now actually realising that cybersecurity risks ultimately equate to business risks, becoming part of their overall business strategy.

 ‘Many executives are beginning to realise they need to take a different stance on cybersecurity,” says senior principal analyst at ESG and writer of the report, Jon Oltsik.

“It Is no longer a case of just spending dollars on perimeter-focused cybersecurity but they need to move to a more holistic digital risk strategy designed to analyse threat intelligence, monitor deep web activities, track the posting of sensitive data, and oversee third parties.”

According to ESG, the majority of executives no longer accept with ‘good enough’ security, with most willing to invest in best practices and leading security defences to protect their organisations.

Despite this, there is still a long way to go. ESG asserts many organisations continue to think of cyber risk in terms of internal network penetration rather than as a more comprehensive strategy that includes all digital assets—websites, social networks, VIP and third-party partner exposure, etc.

In order to make progress in this area and address the full risk spectrum, the report affirms CISOs and risk officers MUST adopt a thorough digital risk management strategy that includes, monitoring, filtering, prioritising, and responding to threats across the public Internet and dark web.

“We know that a strong and resilient strategic digital risk management strategy should include policies and monitoring for targeted cyber threats; Infrastructure exposure, data loss; brand and VIP exposure, physical threats and third party risks to be truly effective,” says Alastair Paterson, CEO and co-founder of Digital Shadows.

“Digital Risk Management, which combines automation and human analytics, is becoming the critical component in your cyber security arsenal.”

IoT and DDoS attacks: A match made in heaven
A10 Network’s Adrian Taylor uses findings from a number of reports to illustrate his point that advances in technology are facilitating cybercrime.
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
The cloud-based testing environment for APIs enables banks to accelerate compliance with Open Banking and PSD2 deadlines.
Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.