Skip to main content

Almost all ITDMs forced to compromise on security to support other business goals

security
(Image credit: Shutterstock / Gorodenkoff)

IT decision-makers (ITDMs) are often required to compromise on cybersecurity in order to advance digital transformation efforts or boost productivity, a new report from Trend Micro claims. 

Surveying 5,321 IT and business decision-makers, the cybersecurity firm also found that the majority of ITDMs are pressured into downplaying the severity of cyber risks to their boards of directors.

According to most ITDMs, C-Suite executives often don't fully understand cyber risks. While some believe this is due to the topic being too complex and evolving constantly, others believe it’s because the C-Suite isn’t willing to put in the necessary effort.

IT and business leaders are also at odds over whose responsibility it is to manage and mitigate risk, mostly because business leaders still perceive it as an IT problem, and not a business risk. As a result, businesses are inconsistent in their attitude towards cybersecurity

For the C-suite to take notice of cyber risks, one of three things need to happen, Trend Micro claims: a breach, customers demanding more sophisticated security, or the ability arises to better report on cyberthreats.

“IT leaders are self-censoring in front of their boards for fear of appearing repetitive or too negative, with almost a third claiming this is a constant pressure. But this will only perpetuate a vicious cycle where the C-suite remains ignorant of its true risk exposure,” said Bharat Mistry, UK Technical Director at Trend Micro. 

“We need to talk about risk in a way that frames cybersecurity as a fundamental driver of business growth – helping to bring together IT and business leaders who, in reality, are both fighting for the same cause.”

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.