Cybersecurity is crucial for business operations. Everyone knows this. What most probably do not know is that cybersecurity teams are not only overwhelmed by constantly monitoring threats, but also by the changing demands from stakeholders, including customers, partners and government regulators.
The reality is cybersecurity is no longer an internal affair. According to recent LogRhythm research, 91% of security professionals admit their company’s security strategy and practices are required to align to customers’ security policies and standards. Partners also demand proof, with 85% of security professionals stating their company must provide proof of meeting partners’ security requirements.
Among the challenges is that companies lack proper solutions to address include the tools to manage digital supply chain security. They also face the difficulty of defending a growing cyber perimeter driven by remote employees and expanding cloud utilization, and managing the risk of employees who intentionally or inadvertently breaks security protocols.
If a company does not meet stakeholders’ security requirement, it loses business. Customers walk away from deals if they are not 100% confident in the business’ security strategy. In fact, 67% of security professionals say their company lost a business deal due to the customer’s lack of confidence in their security strategy.
"Cybersecurity is now a business imperative,” said Andrew Hollister, chief security officer of LogRhythm. “Security events hold the potential to significantly impact revenue, which begs the attention of executive leadership and pushes more organizations to align on expectations both internally and externally.”
So, as cybersecurity teams, they should meet these demands with no problems and no questions asked, right? It is not as simple as that.
Just like with every other department within a business, security teams face employee turnover, and employee turnover reduces the effectiveness of security teams. More than 75% of IT professionals admit to the experiencing lower effectiveness due to employee turnover.
Turnover is not the only thing impacting effectiveness though. Work-related stress, from more responsibilities to a higher attack frequency, is increasing for nearly seven in 10 companies, with 30% reporting a significant increase. This, of course, supports the idea that most companies are trying to do more with less amidst budget constraints.
Team members also put in their opinions on what companies need to do to help alleviate their stress. A good start is to add more experienced security team members and have more integrated security solutions. Consolidated security tools lead to faster issue detection, identification and resolution, yielding improved security posture.
However, companies are not helping security teams with this. Sure, 85% of companies overlap security solutions, but that tends to be by accident. So, this puts more work on security teams to deploy and maintain duplicative tools.
This adds to the reality that security teams face challenges on every front. Security teams need to be armed with the appropriate resources to meet regulatory compliance requirements, as well as internal and external stakeholder demands.
Edited by
Erik Linask
