Organisations aren’t positioned to tackle Cyber demands, survey reveals

The fourth industrial revolution (4IR) is driving change and digitalisation at an exciting pace, says global accounting organisation, Deloitte. New markets are being created and with every innovation, the world becomes more and more digitally connected. 

Cyber is growing and moving in multiple dimensions across various disciplines — beyond an organisation’s perimeter and IT environments – it’s at the centre of digital transformation.

Yet, according to Deloitte’s 2019 Future of Cyber survey, there are notable gaps in organisations’ abilities to meet cybersecurity demands for the future. Findings indicate that many cyber organisations are challenged by their ability to prioritise cyber risk across the enterprise (16 per cent), followed closely behind by lack of management alignment on priorities and adequate funding, each at 15 per cent.

Deloitte Global Future of Cyber Survey Indicates That Many Organisations aren’t positioned for success in tackling Cyber demands.

“Cyber leaders today are focused on digital transformation as a catalyst for change for both the greater enterprise and their cyber agendas. The good news is the survey results show that organisations are no longer taking a wait-and-see philosophy to prepare for and respond to cyber incidents”, says Deloitte Africa Risk Advisory Cyber leader, Eric Mc Gee.

“There is a whole new way of thinking that is starting to occur with how organisations are going to achieve their business outcomes, and that is with a cyber everywhere mindset.”

Here’s a closer look at findings of the Future of Cyber survey:

  • Half of the organisations (49 per cent) have cybersecurity on their board agenda at least quarterly. On the other hand, half of the boards are not discussing cyber as often as they should. More concerning is that only 4 per cent of respondents say cybersecurity is on the agenda once a month.
  • While organisations are prioritising digital transformation, only 14 per cent of cyber budgets are allocated to provide for cybersecurity in transformation efforts.
  • Less than 20 per cent of organisations have security liaisons embedded within business units to foster greater collaboration, innovation, and security.
  • Organisations are turning to third parties to manage certain functions of their cyber operations. According to 65 per cent of the CISOs surveyed, 21-30 per cent of total cyber operations are outsourced, with nearly half (48 per cent) of CISOs selecting insider threat detection as a top function that they turn to third parties to manage.
  • There’s a disconnect between the majority (85 per cent) of the survey respondents who indicate that they are using Agile/DevOps in application development and then ranking DevSecOps lowest (11 per cent) on the cyber defence priorities and investments areas, which may explain why 90 per cent of organisations surveyed experienced disclosures of sensitive production data within the past year.
  • Data integrity (35 per cent) was the top-ranked cybersecurity threat respondents were most concerned about followed by unintended actions of well-meaning employees (32 per cent) resulting in a negative event and then followed by technical vulnerabilities (31 per cent).

“This survey report aims to put the numbers into context and to expand the dialogue and acceptance of cyber everywhere so that organisations are not limited by it but empowered to embrace the opportunities it will create,” says Mc Gee.

Edited by Jenna Cook

Follow Jenna Cook on Twitter

Follow IT News Africa on Twitter