Decision-makers in the UK often make cybersecurity compromises out of fear of disrupting and potentially hurting their business operations, a new report by Tanium claims.
Based on a poll of more than 500 CIOs and CISOs in the UK, US, Germany, France and Japan, the report says that “wider business pressures” led these decision-makers to refrain from installing crucial updates or, more generally, from making security changes within their organisations.
These “wider business pressures” include the pressure to “keep the lights on”, “internal politics”, as well as legacy IT commitments which restricted various security efforts.
The report also claims that CIOs and CISOs do not fully understand the importance of business and technological resilience, and that this is another reason they compromise on their cybersecurity posture.
“A resilient organization can depend on its people, processes and technology to quickly adapt to cyberattacks, outages and other forms of disruption,” commented Ryan Kazanciyan, Chief Technology Officer at Tanium.
“However, our research shows that IT leaders are having to hold off on making crucial updates due to concerns about the impact it might have on business operations. Given that global cyber-attacks such as WannaCry were catalysed by poor security hygiene, organizations need to ensure that they can confidently effect change to protect critical assets, monitor impact, and recover from the unexpected.”
The report also found that business leaders lack visibility across their organisations’ many endpoints, including laptops, servers, virtual machines, and others. This makes informed and confident decisions immeasurably harder to reach, while organisations remain vulnerable to multiple disruptions.
Different business leaders work in silos, and the lack of data sharing or proper communication often leads to critical security updates not being installed, even though business leaders thought they had been.