Security shortcomings impacting business performance for many firms
Many organizations have lost business due to either a real or perceived lack of security performance, according to a new survey by Forrester Research.
The report, commissioned by security company BitSight, showed that 38 percent of the 207 security decision makers surveyed admit that they have lost business due to either a real or perceived lack of security performance within their organization.
Nearly three-quarters of the respondents said that improved security performance measurement would greatly or significantly enhance company financial performance, while 82 percent agreed that better measurement would improve company business continuity.
Organizations that have formal security performance metrics are more likely to successfully manage security, according to the study. They are nearly two times more likely to develop security policies, update security technology, and perform security training.
Their investment decisions and strategies are also better trusted by executives and board members, respondents revealed.
Commercial success is at risk due to missteps in effectively measuring security performance and communicating it to external stakeholders, the report said. Seventy-nine percent of the security decision makers surveyed said customer and partner demands for cyber security reporting have intensified.
The decision makers said customers and partners receive some of the least accurate reporting of any security stakeholder. But 82 percent agreed that customer and partner perception of security is increasingly important to the way their organization makes decisions.