DX and productivity goals trump cybersecurity

New research from Trend Micro reveals that 89% of Australian IT decision-makers claim their business would be willing to compromise on cybersecurity in favour of digital transformation, productivity, or other goals. Additionally, 87% have felt pressured to downplay the severity of cyber risks to their board.

“Australian IT leaders are self-censoring in front of their boards for fear of appearing repetitive or too negative, with over a third claiming this is a constant pressure. But this will only perpetuate a vicious cycle where the C-suite remains ignorant of its true risk exposure,” said Ashley Watkins, Vice President, Trend Micro ANZ.

“We need to talk about risk in a way that frames cybersecurity as a fundamental driver of business growth — helping to bring together IT and business leaders who, in reality, are both fighting for the same cause.”

The research reveals that less than half (47%) of IT leaders and 35% of business decision-makers believe the C-suite completely understand cyber risks. Although some think this is because the topic is complex and constantly changing, many believe the C-suite either doesn’t try hard enough (28%) or doesn’t want (19%) to understand.

There’s also disagreement between IT and business leaders over who’s ultimately responsible for managing and mitigating risk. IT leaders are 10% more likely than business leaders to point to IT teams and the CISO. 49% of respondents claim that cyber risks are still being treated as an IT problem rather than a business risk.

This friction is causing potentially serious issues: 25% of respondents believe cybersecurity is the biggest business risk today, and 62% claim it has the highest cost impact of any business risk — a seemingly conflicting opinion given the overall willingness to compromise on security.

There are three main ways respondents believe the C-suite will sit up and take notice of cyber risk:

• 62% think it would take a breach of their organisation;
• 61% say it would make an impact if customers started demanding more sophisticated security credentials;
• 60% say it would take investors demanding more sophisticated security credentials.
   

Trend Micro commissioned Sapio Research to interview 5321 IT and business decisio- makers from enterprises larger than 250 employees across 26 countries​. The survey was conducted among 207 IT and business decision-makers from enterprises larger than 250 employees in Australia.

To read a full copy of the report, click here.

Image credit: ©stock.adobe.com/au/enzozo