For decades an imaginary line has separated cybersecurity from “the business”. Most board members and senior executives were not well versed in cybersecurity, nor understood the impact it had on the business, meanwhile many security leaders approached security as a purely technical challenge dictated by technology and regulation. However, following years of near-limitless budgets and unsatisfactory results, the time has come for both security and business leaders to recognize that they have been asking the wrong questions and taking the wrong approach.
"Gartner clients are also reporting that after years of quarterly reporting on cybersecurity to their boards, that boards are now pushing back and asking for improved data and understanding of what they have achieved after years of such heavy investment."
Download the Gartner report on “The Urgency to Treat Cybersecurity as a Business Decision” to learn about how security and business leaders can “drive cybersecurity priorities and investments by using an outcome-driven approach that balances investment and risk with the needs to achieve desired business outcomes.”
The Urgency to Treat Cybersecurity as a Business Decision, 12 February 2020, Paul Proctor GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.