Collaboration is key
Added Monday 07 March 2016
A lack of collaboration between IT and line of business leaders can put your organisation at risk
With 1 in 10 organisations suffering a security crisis relating to Cloud, Mobile, Analytics or Social technology in the past 18 months, it’s critical that organisations take note of the fact that companies with weak strategy collaboration between IT and business units are twice as likely to be at risk.
The cost and likelihood of a data breach is rising and cyber security is high on the agenda for every organisation today. However, a recent study by the IBM Center for Applied Insights, involving more than 1400 enterprises, identified that not all companies face an equal chance of being hacked. In fact, failing to collaborate and embed security efficiently across different line of business (LOB) operations increases the risk of a data breach by 50% - particularly when constructing strategies for new cloud, analytics, mobile and social (CAMS) applications.
In an attempt to close the gaps and reduce the odds of a data security breach, the 2014 CISO Assessment: Fortifying for the future, suggested that business IT Security leaders:
- Regularly participate in C-suite meetings to raise awareness and address critical business issues
- Collaborate consistently with data protection specialists and regulatory bodies
- Develop LOB strategies for CAMS initiatives in conjunction with IT, risk and operations
According to the research, 85% of Chief Information Security Officers (CISOs) reported that upper management support for cyber security initiatives is increasing, with 88% seeing their IT security budgets rise – a sure sign that Cyber Security sits right at the top of the agenda for most organisations.
Managing the Insider Threat
One particular area in which collaboration is key is between the HR and IT departments, with staff error pinpointed as presenting a bigger source of data breaches (26%) than the threat from either malicious insiders (10%) or organised crime (23%) – according to PwC’s 2015 Information Security Breaches Survey. HR can help to minimise the insider threat by fostering a corporate culture where employees believe in the company’s core values, respect their colleagues and take pride in their role within the organisation. As a result, staff should be less likely to pose a threat by sharing sensitive information or being careless with devices that hold company data.
Security belongs in the board room
Information security isn’t a subject that’s historically held the attention of line of business executives for long – it’s something they’ve simply relied on the IT team to manage and report on. Only when a security issue arises does the problem escalate to the boardroom, a reactive approach that is all too common. The PwC survey revealed that over the past year, the number of security breaches has increased, with the scale and cost nearly doubling. 11% of respondents actually changed the nature of their business as a result of their worst breach. With nearly 9 out of 10 large organisations surveyed having suffered some form of security breach – suggesting that these incidents are now a near certainty – the stakes are high. The question is no longer ‘if’, but ‘when’ a company will suffer an incident, making security something that deserves full attention at the highest levels of the company.