Barracuda Networks has issued the CIO report titled ‘Leading your business through cyber risk’, providing an in-depth look into the challenges that businesses face when increasing their cyber resilience and managing cyber risks. According to the report’s findings, struggles with implementing comprehensive security policies, securing third-party access, and supply chains can weaken a company’s defence against and response to cyberattacks.
The new report also offers valuable strategic tools. One such offering is a practical checklist template, designed by the IT and security leadership at Barracuda, to support enterprises on their path to achieving cyber resilience.
Highlighting companies’ uncertainties, the research states that less than half (43%) of respondents trust in their capabilities to address cyber vulnerabilities, risks, and attacks. Approximately half the surveyed group cited difficulty in enforcing consistent, enterprise-wide security policies. A further third expressed worry over securing their supply chains.
Other concerns differed between smaller and larger companies. While 35% of smaller businesses shared their worry that senior management disregards cyberattacks as a significant risk, larger firms were more likely to grapple with a lack of budget (38%) and a shortage of skilled professionals (35%).
Another surprising finding is that one in ten organisations does not have an incident response plan in place to turn to when faced with a successful breach.
Siroui Mushegian, CIO of Barracuda Networks, commented: “For many businesses today, a security incident of some kind is almost inevitable. What matters is how you prepare for, withstand, respond to, and recover from the incident. [..] Advanced, defence-in-depth security solutions will take you most of the way there, but success also depends on security governance – the policies and programs, leadership, and more that enable you to manage risk.”
Mushegian further discussed the importance of the new security governance approach added in the recent US National Institute of Standards and Technologies (NIST) cybersecurity framework update. This move signifies the strategic significance of balancing cyber resilience alongside risk management.
The Barracuda report includes a cyber resilience checklist, which is based on the NIST 2.0 framework and designed to aid organisations in mapping their journey towards greater cyber resilience. This practical checklist is instrumental and easily downloadable.
The CIO report’s findings are rooted in data from the international ‘Cybernomics 101’ study, which surveyed 1,917 IT security practitioners from companies with a staff of 100 to 5,000 employees across various industries and nations.
About Author
