Misalignment between security team, C-suite leading to risk exposure: Report
Application security is operating blind as a direct result of misalignment between a company’s security team and the C-suite. A recent Dynatrace report on application security, which surveyed chief information security officers (CISOs), found that 87% of them feel that this misalignment leaves gaps in the organisation’s understanding of cyber risk.
The report also found that security teams talk in technical terms without providing business context, which makes it difficult for executives and the board of directors to understand the risk and prevent threats. CISOs, however, point out that the issue is rooted in the security tools companies employ, which cannot generate insights that C-level personnel understand.
“Many CISOs are struggling to drive alignment between security teams and senior executives because they’re unable to elevate the conversation from bits and bytes to specific business risks. CISOs urgently need to find a way to overcome this barrier and create a culture of shared responsibility for cybersecurity. This will be critical to improving their ability to respond effectively to security incidents and minimize their risk exposure,” said Bernd Greifeneder, Chief Technology Officer at Dynatrace.
The risk is further amplified at a time when AI-driven attacks are on the rise and cybersecurity threats significantly increase business risk. The C-suite is becoming more important as the rise of AI exposes organisations to added risk. CISOs are concerned about AI’s potential to enable cybercriminals to create new exploits faster and execute them on a broader scale (52%). They are also concerned about AI’s potential to allow developers to accelerate software delivery with less oversight, leading to more vulnerabilities (45%), the report found.