How to create a business-driven cybersecurity strategy: 3 tips
A new PwC study looks at the characteristics of security “trailblazers,” i.e. the top 25% of firms in terms of cybersecurity. According to the report, over 80% of the trailblazers indicated that their cybersecurity staff managed to anticipate and mitigate a new cyber threat to the business before it impacted partners or customers, while this was true for just 6 in 10 other firms. Trailblazers are also far more likely to believe that their cybersecurity teams add significant value (86% over 50%) and to view their teams as highly effective in managing acute risks resulting from digital transformation efforts (58% over 21%).
So why are the trailblazers outperforming the rest? The researchers point to the integration of cybersecurity teams into the business. Trailblazers perform better because their cybersecurity teams are:
- More embedded in the business, meaning that the cybersecurity strategy matches the business strategy (65% over 15%).
- More involved in managing cybersecurity risks that are an integral part of business transformation and digital initiatives (89% over 41%).
- More in touch with senior executives, which allows them to better understand the risks stemming from business operations (77% over 22%).