Most of the C-suite executives rank improvement of information security and business efficiency as their main goals
C-suite executives understand that to transform their businesses, they must embrace the integration of new technologies. Most rank improvement of information security and business efficiency as their main goals. Globally, executives indicate they are ready to embrace automated processes as part of their security protocols.
Securing Networks is Critical to Protecting Brand Reputations
Executives are very concerned about the impact that security threats can have on business performance, pointing to the potential loss of customers, brand reputation and operational productivity. Many adjust budget priorities to better secure networks and prevent attacks. Events that most influence how executives view their companies’ security vulnerabilities include high-profile data breaches and nation-state attacks, cyberattacks on their organizations and governmental regulations.
Risk Management Calculations Affect Security Investments
C-suite professionals actively monitor what’s happening with their networks. They face tough choices when deciding where to invest resources to propel their businesses forward. Reported instances of ransom attacks jumped dramatically over the past two years. As the demand for security professionals outpaces the supply, executives are increasingly looking to carriers or ISP/CSPs to manage security.
Network Security Concerns Vary by Industry
The impacts of attacks on corporate networks can vary depending on the industry in which companies compete. Manufacturers that have long embraced automation as a means to boost efficiencies and production reported plans to integrate automation in security measures with a corresponding shift in their IT budgets.
The finance/insurance industry continued its forward-thinking use of technology as a business enabler and reported plans to move operations to the cloud while continuing to focus on digital transformation. The retail/ wholesale industry is concentrating on managing the increasing complexity of the IT networks, digital transformation plans and the adoption of Internet of Things (IoT) as a means to better serve customers.
Securing the Digital Transformation
Corporations are continually looking for ways to increase productivity and efficiency. Taking advantage of technology advances in their networks is a proven way to be more agile while reducing costs.
Customers, employees, vendors and partners use mobile applications, chat bots, online portals, email and other tools to interact with brands daily. Every touchpoint adds a layer of complexity to the network that can introduce new, risky attack vulnerabilities. C-suite executives understand that, to transform their businesses, they must embrace the integration of new technologies while at the same time protect data privacy.
According to a survey conducted and responses sought from senior leaders from the Americas (AMER), Europe and the Middle East (EMEA) and Asia-Pacific (APAC):
- 70% AMER & EMEA executives and 80% of APAC executives are greatly concerned about data privacy
- 47%recognized that digital transformation activities place pressure on their organizations’ security planning and investment strategy
- 32% of AMER, 13% of EMEA & 18% of APAC executives rank new revenue sources as top 3 organizational goals
- Most organizations host 25% to 50% of their business applications in the cloud
- 96% were “very” or “somewhat” concerned about network vulnerabilities
- 71%of executives reported shifting more of their network security budget into technologies that employ machine learning and automation
- About 25% said that the focus of their budgets remained unchanged in this time period
- Most organizations worry about huge bandwidth cost by public cloud providers due to DDOS attacks
- Globally, nearly four in 10 executives trust automated systems more than humans to protect them against cyberattacks
A secure climate for customers
Corporations’ networks are the lynchpin of interactions with customers who expect responsive applications, fast performance and above all, protection of their data. The foundation of the customer experience is a mix of trust and availability. Organizations’ brands take a hit if either factor falters. C-suite executives are keenly aware of the effect of security threats on business.
Events that influence changes in organizations security:
- 61% high-profile data breaches on peer companies
- 59% data breach or cyberattack with own organization
- 48% governmental regulations like GDPR, PCI, HIPAA, etc.
- 37% change in C-suite leadership
Balancing Investments and Risks
As the threat of network attacks becomes a question of ‘when’ and ‘not if’, organizations must carefully evaluate the risks associated with security vulnerabilities and the costs of implementing effective security solutions. At the same time, C-suite executives face tough choices when deciding where to invest resources to propel their businesses forward.
Even though the threat of network attacks hangs over their organizations, about 25% of executives do not have or are in the planning stages of addressing key security concerns, such as performing security assessments on new technology or working with educational institutions to proactively recruit security specialists.
Most executives across regions (65%–81%) feel that their internal security resources are sufficient to handle their security needs. Yet 66% believe that hackers could penetrate their networks. The internal skills gap is not easily solved because the demand for security professionals outpaces the supply. As a result, more executives need to look to outside security vendors for assistance.
C-suite View of Current Network Threats – Key Findings:
- 66% had a hacker penetrate their network
- 54% experienced a data breach from one of its mobile applications in the last 18 months
- 57% had experienced a cyberattack in the last 12 months
- 50% were concerned about the security vulnerabilities created by use of multiple clouds
Impacting Vertical Industries
The impacts of attacks on corporate networks can vary depending on the industry in which companies compete. Security trends specific to the needs of some verticals:
Retail: In the retail sector, almost two-third organizations have a half of their business applications in the cloud and are concerned about security vulnerabilities between cloud networks. A major cause of concern for the executive suite is the fact that almost 20 attacks have happened in the past year. Data breach within their own organization was the most influential event that affected their own security planning. This can be troubling because they have the most customer touchpoints on their networks to enable e-commerce. Therefore this vertical definitely needs a security protection.
Manufacturing: Manufacturers have long embraced automation as a means to improve efficiencies and boost production. So it’s not surprising that they focus on managing the increasing complexity of their IT infrastructures with plans to integrate automation (43%) to help automate security measures.
To accomplish this, about 75% of executives shared that they shifted more of the IT budget into security automation. Also, most keep tabs on what’s happening in the marketplace, and two-thirds reported that high-profile data breaches at peer companies were the most influential event that affected their own security planning.
Finance: Corporate networks are the lifeblood of finance companies’ businesses, which is why this vertical is likely to invest more in security to protect its assets. For example, Deloitte5, which suffered a cyberattack in 2017, said that it plans to spend 580 million USD on security over the next three years. These companies are especially aware of what’s happening at peer companies. About 86% reported that high-profile data breaches at peer companies were the most influential event affecting their own security planning.
Looking forward, C-suite executives recognize the multiple pressures on their organizations to integrate new network technologies, transform their businesses and defend against cyberattacks, which are growing in frequency and complexity. As more companies add a mix of multiple public and private cloud environments to their IT architecture, the introduction of new vulnerabilities puts corporate and customer data at risk.
The stakes are high. Security threats can seriously impact a company’s brand reputation, resulting in customer loss, reduced operational productivity and lawsuits, which reinforces that cybersecurity remains a priority in the minds of executives around the world.
The author is Managing Director - India, SAARC & Middle East, Radware