Trend Micro Incorporated, a global cybersecurity provider, has released research indicating that many global organizations lack adequate resources and leadership support to measure and mitigate risks across their digital attack surface effectively.
Sharda Tickoo, Country Manager for India & SAARC at Trend Micro: “A lack of clear leadership on cybersecurity can paralyze an organization—leading to reactive, piecemeal, and erratic decision making. Companies need CISOs to clearly communicate in terms of business risk to engage their boards. Ideally, they should have a single source of truth across the attack surface from which to share updates with the board, continually monitor risk, and automatically remediate issues for enhanced cyber-resilience.”
Trend Micro Survey Highlights Gaps in Cyber-Resilience and Leadership Accountability
Trend Micro surveyed 2,600 global IT leaders responsible for cybersecurity in small, medium, and large organizations to understand their views on attack surface risk management (ASRM).
The survey identified three key gaps in cyber resilience:
- Only 36% of organizations have sufficient staffing for 24x7x365 cybersecurity coverage.
- Attack surface management techniques to measure risk are employed by just 35%.
- Proven regulatory frameworks like the NIST Cybersecurity Framework are used by only 34%.
- The research points to a lack of leadership and accountability as contributing factors. Nearly half (48%) of respondents stated that their leadership does not consider cybersecurity their responsibility, while only 17% strongly disagreed with that view.
Responsibility for mitigating business risk lacks clarity, with 31% of respondents saying IT teams should be accountable. This lack of direction may explain why 54% of respondents reported inconsistent attitudes toward cyber risk within their organizations.
Leadership gaps persist in many organizations, with 96% of respondents expressing concerns about their digital attack surface. Over a third (36%) are particularly concerned about discovering and mitigating high-risk areas, while 19% lack a unified approach to addressing cybersecurity issues.
Read More:
Staying Updated with Cloud Security