Organizations Failing to Implement Planned Cyber-Security Strategies

Organizations Failing to Implement Planned Cyber-Security Strategies
Organizations Fall Short When Implementing Their Cyber-Security Strategies
Reputation Impact Is More Important Than Security Impact
Operators and Executive Have Different Views
Organizations Use Overlapping Sets of Security Capabilities
Cyber-Security Incentives Vary
Breaches Impact Operations
Breach Prevention Is a Key Measure of Effectiveness
1 of 8

Organizations Failing to Implement Planned Cyber-Security Strategies

There are multiple gaps in the perception and reality of cyber-security between corporate executives and the IT professionals responsible for implementation, according to findings by Intel Security. Intel Security and the Center for Strategic and International Studies (CSIS) came to that conclusion in a 34-page report titled "Tilting the Playing Field: How Misaligned Incentives Work Against Cybersecurity." The study surveyed 800 cyber-security professionals around the world, including both operators and executives, to gain insight into the current perceptions of the risks and the rewards of the IT security industry. One of the top findings in the report was that while 90 percent of organizations said they have some form of cyber-security strategy in place, the reality is that less than 50 percent of organizations have actually implemented the planned cyber-security strategy. Also, the study...

2 of 8

Organizations Fall Short When Implementing Their Cyber-Security Strategies

The survey revealed that while nearly all (90 percent) of organizations claim to have some form of cyber-security strategy in place, the reality is that less than 50 percent have actually implemented the strategy.

3 of 8

Reputation Impact Is More Important Than Security Impact

When it comes to impact, more than half (54 percent) of respondents indicated they were more concerned about the impact a security incident will have on their reputation than the actual effect of a security incident.

4 of 8

Operators and Executive Have Different Views

Nearly 60 percent of IT executives believe their cyber-security strategy is fully implemented, while less than 40 percent of IT operators have the same view.

5 of 8

Organizations Use Overlapping Sets of Security Capabilities

When it comes to implementing a new security technology, the Intel Security study found that most organizations will aim to maintain a security platform that integrates both existing and new technologies.

6 of 8

Cyber-Security Incentives Vary

Among the interesting perception gaps noted in the report is one on incentives. While few IT executives noted that there were no incentives for cyber-security professionals, nearly 30 percent of surveyed operators had a different view.

7 of 8

Breaches Impact Operations

When asked about that actual impact of a security breach on an organization, not surprisingly disruption of operations was the top response.

8 of 8

Breach Prevention Is a Key Measure of Effectiveness

When it comes to rating the effectiveness of cyber-security, both IT executives and operators largely agree that minimizing the number of security breaches is a primary metric.

Top White Papers and Webcasts