Is cyber security still not a top boardroom priority?

The research from Fortinet’s latest survey has revealed that despite high profile cyber attacks continuing to occur, almost half of IT decision makers (ITDMs) at 250+ employee organisations around the world still believe that business executives are not making cyber security a significant enough priority or focus.

However, many IT professionals believe that the transition to the cloud as part of their organisations’ digital transformation will in turn make security a growing priority.

Board members are not treating cybersecurity as a top priority

The survey found 48% of IT decision makers believe that IT security is still not a top priority discussion for the board. This doesn’t seem to affect budgets since 61% of enterprises stated that they spend over 10% of their IT budget on security, which is a high investment. 71% of the surveyed respondents said their IT security budget has increased from the previous year.

>See also: Bringing security back to the top of the boardroom agenda

Now, IT decision makers feel strongly that cyber security should become a top management priority with 77% of the respondents saying that the board should actually put IT security under greater scrutiny.

Three key drivers for cyber security becoming a top priority

Increase in security breaches and global cyber attacks: In the last two years, 85% of businesses have experienced a security breach, with the most common vector of attack being malware and ransomware for 47% of respondents.

>See also: Elevating data risk management to the board level

Just under half (49%) of ITDMs said there has been an increased focus on IT security following global cyber attacks, such as WannaCry. The scale and profile of global cyberattacks is bringing security to the attention of the board. Security is no longer just an IT department discussion.

Increased pressure from the regulators: Another important driver of board awareness is the proliferation of regulation, 34% of respondents reported. With major fines threatening the bottom line, such as the impending GDPR compliance for European data, the board now has a mandate to take interest.

Transition to the cloud as a catalyst for security priorities: As organisations look at migrating to the cloud as part of their digital transformation, 74% of IT security decision makers believe that cloud security is becoming a growing priority. 77% of the respondents also affirm that cloud security – along with the investment in security to support it – is becoming a key priority for the board. As a result, half of those surveyed (50%) are planning investment in cloud security in the next 12 months.

>See also: Cyber security – the unrelenting challenge for leadership

Patrice Perche, senior executive vice president, worldwide sales and support at Fortinet, commenting on the report and the general issue of cyber security said that “Over the years, we’ve seen that cyber security has become a key investment for organisations, with more and more C-level executives considering it as part of their broader IT strategy. As organisations now embrace digital transformation and turn to technologies like the cloud, cyber security is no longer just an IT investment but a strategic business decision. In today’s digital economy, I expect the trend we’ve seen at the board level to accelerate with security being treated as a top priority within an organisations’ broader risk management strategy. By doing so, companies will be in a better position to succeed in their digital transformation efforts.”


Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...