Contact Us

Continuity Insights Management Conference

Survey Finds Growing Alliance Between Cybersecurity and Integrated Risk Management Programs

Continuity Insights

NAVEX Global, a leader in integrated risk and compliance management solutions, has released key findings from its survey of IT security professionals in the U.S. and U.K. on the collaboration between the IT and risk management functions.

Among the top findings:

  • Respondents state that IT and cybersecurity risks were broadly considered part of their organization’s overall risk profile and should be addressed holistically:
    • Fully 95% of respondents say their organizations include cybersecurity within their overall integrated risk management (IRM) approach.
    • Ninety-one percent (91%) say cybersecurity is considered a top business risk within their organization.
  • Seventy-four percent (74%) of respondents report increased collaboration between IT security and enterprise risk management over the past year. This suggests organizations recognize better coordination is required to mitigate serious cybersecurity failures.
  • Seventy-eight percent (78%) say their company’s investment in cybersecurity has increased in the past year.
  • Eighty-two (82%) indicated that recent data breaches have either greatly or somewhat impacted the way their organization prioritizes cybersecurity.

“The past year and a half posed new and unique risk management challenges for many organizations. Chief among them was the significant increase in remote workers. This, in combination with a general increase in external attacks such as phishing, ransomware and other breaches, makes cybersecurity a top-priority risk,” said Haywood Marsh, general manager of NAVEX Global’s IRM solutions. “This survey confirms that a successful approach to integrated risk management must also comprehend cybersecurity.”

Other Findings

Increased spending – The majority of respondents say they increased spending last year. More than 80% of enterprises that employ between 1,000 and 9,999 increased spending on cybersecurity last year. Among the very largest companies, those with 10,000 or more employees, 61% indicated an increase in cybersecurity spending, likely because these larger organizations already spend heavily in this area.

Increased coordination – Respondents state that collaboration between IT/cybersecurity and the risk management functions also increased last year. Among smaller organizations, those with 1,000–4,999 employees, 75% said there was an up-tick in coordination with their risk management counterparts. The number grows to 85% of respondents at companies with 5,000–9,999 employees. Finally, organizations with 10,000 or more employees also indicated increased coordination but the number drops to 61%. This too is likely because larger companies already recognize the benefit of this type of coordination and cooperation.

Spending trend by industry – The survey showed some variance in spending across industries. Top investors in cybersecurity last year include Science and Pharmaceutical (100%), Engineering and Manufacturing (80%), Banking and Finance (79%) and Healthcare (71%). Empirical evidence also supports that these industries are highly targeted by threat actors.

Additionally, the survey shows investments in cybersecurity increased significantly for both U.S. and U.K. companies, 83% and 70% respectively. Similarly, collaboration between IT security/cybersecurity and enterprise risk management increased in the U.S. (78%) and in the U.K. (65%) indicating that IRM is moving to the forefront for a large majority of companies.

Read the full release here.

Continuity Insights

Similar Articles

Another Active Atlantic Hurricane Season Predicted

NOAA’s Climate Prediction Center is predicting another above-normal Atlantic hurricane season. Forecasters predict a 60% chance of an above-normal season, a 30% chance of a near-normal season, and a 10% …

A Real-Time Ransomware Action Plan Across the Enterprise

Continuity Insights has announced that Ransomware Attack – Useful Data: CLDigital’s Real Time Action Plan Across the Enterprise will be the featured topic during the next installment of its critically-acclaimed …

Agility Recovery Acquires Recovery Solutions

Agility Recovery, North America’s premier provider of business continuity solutions, has announced the acquisition of Chicago, Illinois-based Recovery Solutions. Recovery Solutions delivers audit-ready and FFIEC compliant business continuity solutions purpose-built …

Leave a Comment

Share to...