CyberGRX, provider of the world’s first and largest global cyber risk exchange, announced the results of their study on preparedness for digital transformation, executed by Ponemon Institute. The research comprises surveys from nearly 900 IT security professionals and C-level executives covering financial, healthcare, industrial, public sector and retail industries. The study highlights that while digital transformation is understood to be critical, its rapid adoption, as seen with cloud providers, IoT and shadow IT, is creating significant vulnerabilities for most organizations. Today, these vulnerabilities are only exacerbated by misalignment between IT security professionals and the C-suite.
Read More: HubSpot Marks 10th Anniversary Of Its Partner Program With The Launch Of Solutions Partner Program
“We chose to study both IT security professionals and C-suite executives to tap into the intersection of two groups making the biggest impact on organizations as they adopt new digital practices.”
The Ponemon report, Digital Transformation & Cyber Risk: What You Need to Know to Stay Safe, identifies four major themes:
- Digital transformation is increasing cyber risk, and IT security has very little involvement in directing efforts to ensure a secure digital transformation process. Such misalignment of resources is illustrated by 82% of respondents believing their organizations experienced at least one data breach as a result of digital transformation. Fifty-five percent of respondents say with certainty that at least one of the breaches affecting their organization was caused by a third party.
- Digital transformation has significantly increased reliance on third parties, specifically cloud providers, IoT and shadow IT; and many organizations do not have a third-party cyber risk management program. Sixty-three percent of respondents say their organizations have difficulty in ensuring a secure cloud environment and 54% of IT security professionals say avoiding security exploits is a challenge. Additionally, 56% of C-level executives say their organizations find it a challenge to ensure third parties have policies and practices that ensure the security of their information.
- Conflicting priorities between IT security and the C-suite create vulnerabilities and risk; these two groups do not agree on the importance of safeguarding risk areas, including high value assets. IT security respondents are more likely to say the rush to produce and release apps, plus the increased use of shadow IT, are the primary reasons their organizations are more vulnerable following digital transformation. But in contrast, C-level respondents say increased migration to the cloud and increased outsourcing to third parties makes a security incident more likely. The majority of C-level respondents do not want the security measures used by IT security to prevent the free flow of information and an open business model.
- Budgets are, and will continue to be, inadequate to secure the digital transformation process; the majority of organizations do not have adequate budget for protecting data assets and don’t believe they will in the future. In fact, only 35% of respondents say they have such a budget. Because of the risks created by digital transformation, respondents believe the percentage of IT security allocated to digital transformation today should almost be doubled from an average of 21% to 37%. In two years, the average percentage will be only 37% and respondents say ideally it should be 45%.
Read More: Gartner Identifies The Top Five Customer Service Technology Trends For 2020