Why Enterprises Are Leaving Themselves Open to Significant Risk

So is security a big deal? Particularly in today’s digital and agile enterprise? Absolutely. The main issue this report reveals is the disconnect between knowledge of the risks and the organization’s ability to deal with them. HFS researched 300 $1Bn+ enterprises to understand the current state of cybersecurity with the enterprise.

The key findings include:

• Most enterprises understand the importance of securing their data. They have developed security policies, and security is a top-three initiative for 63% of enterprises.
• Lack of management commitment to effective investment is a key inhibitor of an enterprise’s security readiness. The biggest inhibitor of security readiness is the lack of executive support.
• More than half of enterprises regularly review their security policy. For example, 46% of enterprises review their security policy every year, while only 26% review it every two years.
• Fifty-two percent of enterprises say that the main driver for implementing security processes and systems is the need to accelerate their cybersecurity operation maturity. However, fewer than 30% see their increasing exposure online and their drive to digital as motivators to invest in security.
• External security service providers can offer important strategic and tactical assistance to clients. The most common security services contracted in the past 12 months are security vulnerability assessment and audit services and managed security services. More than 50% of enterprises are likely to use an external security service provider in the next 12 months. However, 53% of enterprises state that data sensitivity is the main barrier to outsource security services. The security services market is fragmented, with different types of providers having a variety of backgrounds playing a role.