Boards still not adequately focused on security


By Dylan Bushell-Embling
Friday, 27 April, 2018


Boards still not adequately focused on security

One in three security professionals say their organisation’s board has not adequately prioritised cybersecurity, even though four in five believe it is likely or very likely they will experience a cyber attack this year.

These are among the key findings of IT governance professional organisation ISACA’s latest State of Cybersecurity research report.

The report did find that respondents have grown slightly more confident in how security is prioritised within their enterprises, but there is much room for improvement in terms of organisational alignment with security initiatives.

This issue is compounded by the fact that enterprises are still having difficulty finding qualified security talent. The report found that 59% of respondents’ organisations have unfilled security positions, while 54% take at least three months to fill open positions.

“Given that security budgets are increasing, the staffing problem is logistical rather than financial; enterprises have budget to hire, but are challenged in recruiting talented practitioners because a large segment of the available workforce lacks the skills that enterprises need,” the report states.

“Consequently, enterprises struggle to fill open positions and cannot readily backfill openings when employees leave.”

Respondents reported that an inability to understand business needs (39%) and a lack of technical skills (33%) are the top skills gaps in today’s cybersecurity professionals.

More than half (51%) of organisations have diversity programs in place to support female security professionals, the survey found.

Despite this, only 51% of female respondents agree that men and women are offered the same career advancement opportunities in their workplace, compared to 82% of male respondents. But among companies with diversity programs, this proportion rises to 77% of women and 87% of men.

Image credit: ©lollo/Dollar Photo Club

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Related Articles

The AI regulation debate in Australia: navigating risks and rewards

To remain competitive in the world economy, Australia needs to find a way to safely use AI systems.

Strategies for navigating Java vulnerabilities

Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...

Not all cyber risk is created equal

The key to mitigating cyber exposure lies in preventing breaches before they happen.


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd