Why SMBs Should Closely Align Cybersecurity Strategy to Protect Critical Business Objectives
Over the past year, it’s been hard to miss the rising wave of cyberattacks hitting businesses and individuals alike. Nearly every day, a new significant attack affects a business’s ability to operate or compromises its customers’ data.
Companies saw an average of 270 attacks over the past year, a 31 percent jump over last year, according to a new survey of chief information security officers (CISOs) published by Accenture. While attacks come through many different avenues, the report found that supply chain attacks saw a considerable jump.
This rise in attacks has opened the eyes of many business owners to the importance of recognizing the risk that cyberattacks might pose and making it a business imperative to protect against them. Most of the CISOs surveyed (85 percent), for instance, said that the cybersecurity strategy is closely aligned to protect critical business objectives, such as company growth.
The goal in business alignment and protecting critical assets is to be what Accenture termed a “Cyber Champion,” who “strikes a balance between cyber resilience and business objectives with strong alignment to business strategy.” These security leaders have a seat at the decision-making table and can successfully balance both threats and business priorities. Those SMBs and other organizations that can strike this unique balance can reduce their cost of breaches by 48 percent, the report said, and can detect breaches faster, respond to them more quickly, and on average experience less data loss than their peers.
Those security leaders that are still on the journey to achieving complete business alignment for cyber risk fall into three other buckets: Business Blockers (those “no” people who are seen as a blocker to business growth in the name of cyber resilience), Cyber Risk Takers (those who put business growth above all else, even at the cost of higher cyber risk) and The Vulnerable (those who are doing the bare minimum and are not aligned with the overall business).
However, any SMB can make progress on their journey towards becoming a Cyber Champion. Accenture recommended that business leaders make sure they’re giving security teams a voice at the leadership table to accomplish this. They also recommended that security leaders closely align with the business, make sure they are acting in a threat-centric way and evaluate the opportunities of secure cloud technologies.
The good news for businesses in every one of these categories is that cybersecurity budgets are on the rise. Eighty percent of those surveyed said their budgets have increased in the past year, amounting to an average of 15 percent of all IT spending. There’s hope to combat today’s threats with an added budget and a business-focused approach to cyber resilience.