Published: 20 April 2022
Although cybersecurity is talked about as a business risk, in practice, the business hardly ever decides how much risk it is willing to take. CIOs can use this research to put the business and its cyber-risk appetite at the center of managing cybersecurity as a business decision.
Included in Full Research
The COVID-19 pandemic has led most organizations (57%) to increase the education of senior stakeholders on the value of security and risk management.
In 40% of organizations, COVID-19 has strengthened the relationship between security and risk management leaders and their Board of Directors.
In a 2022 Gartner survey, 88% of board members said that cybersecurity is viewed as a business risk, up from 58% in 2016.
In most organizations, the business doesn’t decide how much cyber risk it is willing to accept in pursuit of its objectives.
CIOs integrating risk and organizational performance should:
To view the entire document, log
in or purchase