Organizations move to a shared view of managing cyber risks
Cyber security and regulatory compliance efforts are becoming increasingly intertwined at many organizations, according to a new study by IDG Research.
The report, sponsored by analytics software company Actiance, found that a majority of key technology stakeholders agree on the importance of cross-functional collaboration in managing risk, and the value of establishing common control processes. They are increasingly moving toward a shared view of information risk, the study noted.
The report is based on a survey of 150 IT, security, compliance, and other risk management professionals, and shows that 75 percent report that their function collaborates with at least one other department in evaluating and selecting risk management solutions. On the other hand, only 5 percent said their function alone is responsible for those tasks.
Managing the risk and impact of a data breach was ranked highest across all functions (35 percent).
All functions, particularly security, reported a lack of budget and sufficient resources to carry out their duties. And all functions agreed that adding personnel is not seen as a solution to security and compliance challenges. The addition of staff was mentioned the least as a strategy for managing risk moving forward.