New Ivanti Research Reveals 55% of IT & Security Professionals Believe That Non-IT Leaders Don’t Understand Vulnerability Management and 47% of Leaders Agree
16 July 2024 - 2:01PM
Business Wire
More than half of non-IT leaders remain "very"
or "extremely confident" that their organization can prevent or
mitigate a damaging security incident within the next year.
Ivanti, the tech company that breaks down barriers between IT
and security so that Everywhere Work can thrive, released its
latest research report on Aligning Perspectives: Cyber Risk
Management in the C‑Suite, which details the need for CISOs to
effectively communicate risk up the chain of command.
Cyber threats are advancing quickly in size and sophistication,
largely because of the rapid evolution of technology, increasing
sophistication of cyber attackers, and the expansion of attack
surfaces through interconnected systems and devices. Fully 95% of
IT and security professionals believe security threats will be more
dangerous due to AI — yet, despite that elevated risk, nearly one
in three security and IT professionals have no documented strategy
in place to address generative AI risks. In today’s environment,
CISOs play an even more critical role in the organization as many
of the decisions they make will affect the business as a whole.
Key findings from the report include the following:
- Leaders (outside of IT) are overconfident: Although 60%
of non-IT leaders report being “very” or “extremely confident” in
their organization’s ability to prevent or stop a damaging security
incident in the next 12 months, just 46% of IT professionals shared
that level of confidence. This gap suggests leaders outside IT may
not truly understand the risks posed by mounting and increasingly
aggressive cybersecurity threats.
- Vulnerability management is misunderstood: 55% of IT and
security professionals state that non-IT leaders do not fully
understand vulnerability management – and non-IT leaders largely
agree – 47% state they don't have a high-level understanding of
vulnerability management. When leaders don’t understand
vulnerability management, they may not realize how changing
leadership priorities can impact the security of their
organization. In fact, more than 1 in 4 IT professionals say patch
management is undermined by changing leadership priorities.
- Leadership and security have misaligned perspectives on
cyber risk: Executives outside IT are more likely to focus on
financial, legal and reputational impacts than their IT and
security counterparts. For instance, 24% of executive leaders label
the reputational impact of cyber risks as ‘high’ compared to only
15% of CISOs.
“The role of the CISO is to effectively communicate the true
risk that their organization faces and understand how different
types of security incidents can impact the organization – now more
than ever,” said Mike Riemer, Field CISO at Ivanti. “The threat
landscape is growing increasingly volatile and unpredictable and
CISOs are tasked with enabling employees to remain productive and
secure. The success of the CISO organization is imperative to
ensure the success of the entire organization, which explains why
cybersecurity has elevated to being a board level discussion.”
The report outlines how CISOs can effectively quantify the
impacts of security events on other business functions, use
vulnerability management to effectively manage the cybersecurity
risk of their organization and attain long-term buy-in from C-level
executives for the CISO’s vision.
To learn more about the results of Ivanti’s report, please visit
here.
Methodology
This report is based in part on two surveys conducted by Ivanti
in late 2023 and early 2024: “2024 Everywhere Work Report:
Empowering Flexible Work” and “2024 State of Cybersecurity:
Inflection Point.” In total, these two studies surveyed 16,200
executive leaders, IT professionals, security professionals and
office workers. This report looks specifically at the 3,059
leaders, IT professionals and security professionals surveyed
across the two studies.
About Ivanti
Ivanti breaks down barriers between IT and security so that
Everywhere Work can thrive. Ivanti has created the first
purpose-built technology platform for CIOs and CISOs – giving IT
and security teams comprehensive software solutions that scale with
their organizations’ needs to enable, secure and elevate employees'
experiences. The Ivanti platform is powered by Ivanti Neurons - a
cloud-scale, intelligent hyper automation layer that enables
proactive healing, user-friendly security across the organization,
and provides an employee experience that delights users. Over
40,000 customers, including 85 of the Fortune 100, have chosen
Ivanti to meet challenges head-on with its end-to-end solutions. At
Ivanti, we strive to create an environment where all perspectives
are heard, respected and valued and are committed to a more
sustainable future for our customers, partners, employees and the
planet. For more information, visit www.ivanti.com and follow
@GoIvanti.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240715066238/en/
Press Contacts press@ivanti.com