- London Market Group(LMG) releases market update on new trading opportunities
- Gemini Expert Management System Phase II goes live with fee settlement
- HM Treasury calls for evidence in review of Solvency II
- Munich Re expects drop to around E200m profit for third quarter
- IDF Report identifies how barriers to global risk understanding can be overcome
- Allianz once again named the world’s top insurance brand in Interbrand’s Best Global Brands Ranking
- Insurance Europe publishes response to a survey by the ESAs on their proposals for disclosure templates for environmental and/or social financial products expired
- Insurance Europe publishes response to an inception impact assessment conducted by the EC on the revision of the ELTIF regulation expired
- COVID-19 continues to drive down UK car insurance prices expired
- Proposed changes in regulations for infrastructure investment trusts likely to open alternate source for Indian insurers, says GlobalData expired
- General insurance business in Malaysia to contract by 2.2% in 2020 due to COVID-19, says GlobalData expired
- IFTRIP Livestream shares lessons on systemic risk globally expired
14th October 2020
Threat of fines drives UK Board decisions on cybersecurity spend says Thycotic research
CISOs’ own approaches to buying decisions are forward looking as they try to keep up with industry developments and their sector peers. There are, however, signs that UK Boards are more risk averse than their US counterparts. Over half of UK decision makers(51%) describe their organisations as ‘in the pack’. By contrast nearly half of US respondents (47%) rate their organisations as pioneers.
An overwhelming majority(75%) say they want to try out innovative new tools. However, in practice, they are guided by their industry peers, with almost half(46%) benchmarking their buying decisions against other companies in their sector. This may lead CISOs to err on the side of proven known technology rather than trying something new.
“Our study clearly shows that before CISOs’ can pursue technology innovation they must first educate their stakeholders about the value of cybersecurity,” said James Legg, ceo at Thycotic. “Securing Boardroom investment requires them to strike a delicate balance between innovation and compliance.”
This balance is discernible in the way decision-makers describe their organisation’s risk profile. Almost half of respondents view their organisation as ‘in the pack’(45%) and only a third consider their companies to be ‘pioneers’ (36%), embracing new technology advancements. Just 17% think their business has its finger on the pulse, prioritising investment according to the latest security threat.
“While boards are definitely listening and stepping up with increased budget for cyber security, they tend to view any investment as a cost rather than adding business value,” said Terence Jackson, CISO for Thycotic. “There are some encouraging signs, particularly in APAC where ROI is a leading factor in security investment decisions.”
“However, there is still some way to go,” he continued. “The fact Boards mainly approve investments after a security incident or through fear of regulatory penalties for non-compliance shows that cybersecurity investment decisions are more about insurance than about any desire to lead the field which, in the long run, limits the industry’s ability to keep pace with the cybercriminals.”
Cyber Trends(1,013 articles)