Nearly two in five companies have lost business due to poor cybersecurity – BitSight claims

Nearly two in five companies have lost business due to a lack of cybersecurity performance within their organisation, a study from security ratings company BitSight claims.  

Its report explores how executives understand and measure their cybersecurity performance and communicate it to the board, senior executives, customers, and critical stakeholders. “Better Security And Business Outcomes With Security Performance Management” claims that 38 per cent of enterprises admit they lost business due to a real or perceived lack of security performance.

The report found that effective security performance management improves business wins with nearly three-quarters of C-level respondents stating these significantly improve financial performance. Of these, 82 per cent stated it would improve company business continuity and 81 per cent said it would bolster company reputation.

Additionally, companies with formal security performance metrics are nearly two-times more likely to produce security policies, update security technology and perform security training.

Respondents of the survey state that metrics are critical to understanding and improving communication around security performance. Only 63 per cent of respondents have implemented formal security performance metrics but four in five state these lack context.

Another finding of the survey is that commercial success is at risk if security is not clearly communicated with stakeholders and customers. Of the respondents, 79 per cent said customer and partner demands for cybersecurity reporting has increased; however, they also state customers and partners are being given the least accurate reporting.

BitSight CEO Tom Turner said, “Financial success, brand perception, business continuity and company reputation now all hinge on security performance.

“But in order to effectively manage performance, you have to measure it. We think this study should serve as a wakeup call for security leaders and their executives and boards to take a close look at their strategies for security performance measurement and reporting – after all, their businesses are now on the line.”

The survey was compiled responses of 207 security professionals responsible for risk, compliance and communications within boards of directors.

 

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.