Trellix uncovers well-defined ownership of cyber risk amongst the board, yet challenges remain around prioritising cybersecurity
Dubai, United Arab Emirates – New research from Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), reveals a disconnect between cybersecurity professionals and senior management. Despite widespread board-level ownership of cyber risk, almost half (42%) of UAE cybersecurity professionals say the board doesn’t pay sufficient attention to digital security. This points to a concerning trend that cyber security is being treated as a tick-box exercise.
In the UAE, a huge majority (89%) of cybersecurity professionals agree that there is a well-defined ownership of cyber risk at the board and management level, whether that sits with one individual (38%) or a committee/taskforce (51%). Yet, about a quarter (26%) of respondents highlighted that cybersecurity is not being considered a priority by C-suite/board level which has become a significant challenge for the business. With ownership not equating to prioritisation in the cyber space, it’s no surprise that 44% of UAE cyber professionals call out feeling undervalued by their business and 36% call out feeling undervalued by their boss as two of their biggest frustrations.
“Ownership is not enough if it doesn’t translate into action. Creating a culture of cybersecurity across the organisation needs to be a priority on the board’s agenda today,” says Adam Philpott, Chief Revenue Officer, at Trellix. “The tone from the top must be conducive to robust cybersecurity management and so the board and cybersecurity experts need to find a common data-language to understand and discuss cyber risks, how to manage them and the board’s role in prioritising a strong security posture across the business.”
Fortunately, cybersecurity conversations are taking place in an organisation, with little over two-thirds (67%) confirm that regular discussions on cybersecurity and compliance are held with management and the senior leadership team. Cyber resilience comes from collaboration and communication, yet these vary from business to business when a significant cybersecurity incident or cyber-attack occurs.
For example, while a third (34%) of UAE cybersecurity professionals confirm that it is typically reported to the board within one hour, 19% admit it takes at least a couple of days or longer to report it to senior management. This delay can mean the difference between successfully mitigating an attack and being faced with difficult consequences.
“As a CISO, CIO or CTO, this means clearly setting out what the top cyber security risks for the organisation are and the business impact if the organisation’s cybersecurity architecture is not fit-for-purpose to defend against today’s sophisticated and evolving attacks,” continued Philpott.
“Clear communication is vital to creating a resilient organisation with adaptive security through an interconnected XDR architecture which is able to give the board – and wider business – confidence.”
-Ends-
Additional resources
Methodology
The study, based on research conducted by Coleman Parkes, surveyed 9,000 cybersecurity decision-makers from organizations with 500 or more employees across fifteen markets: Australia, Brazil, Canada, Chile, Colombia, France, Germany, India, Indonesia, Mexico, Singapore, South Africa, UAE, the UK, and the USA.
About Trellix
Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com.
Media contact:
Vernon Saldanha
Procre8 (on behalf of Trellix)
vernon@procre8.biz
© Press Release 2022
Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.
The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.
To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.