Risk-Based Security Management Needs More Support

By Don Reisinger  |  Posted 07-18-2013

Risk-Based Security Management Needs More Support

IT Sees a Strong Commitment   When it comes to risk-based security management, 81% of IT professionals say their company's commitment is either "significant" or "very significant."

Risk-Based Security Management Needs More Support

Risk-Based Security Management Needs More Support

What's the Driving Force?  An overwhelming majority of IT professionals, 88%, say their focus on risk-based security management relates entirely to the protection of intellectual property.

Risk-Based Security Management Needs More Support

Risk-Based Security Management Needs More Support

Compliance Is Another Top Concern  Seventy-eight percent of IT professionals say their desire to minimize non-compliance is a leading driving force for improved risk-based security management.

Risk-Based Security Management Needs More Support

Risk-Based Security Management Needs More Support

Security and Business Can Go Together  Not surprisingly, 60% of IT professionals say that risk-based security management is a key ingredient in the friendly mix of security programs and business objectives.

Risk-Based Security Management Needs More Support

Risk-Based Security Management Needs More Support

A Lack of Strategic Planning  Unfortunately, 46% of IT professionals say that, despite their best efforts, they've been unable to get their organization to adopt a risk-based security management strategy.

Risk-Based Security Management Needs More Support

Risk-Based Security Management Needs More Support

Little or No Business Involvement   Sixty-two percent of IT professionals report that the business side in their organizations has little or no involvement in assessing corporate security risk.

Risk-Based Security Management Needs More Support

Risk-Based Security Management Needs More Support

Nonexistent Security Plans   Despite the need for a security management program, 47% of IT professionals say that such a program hasn't been deployed in their company.

Risk-Based Security Management Needs More Support

Risk-Based Security Management Needs More Support

The Numbers Are Sobering  Just 29% of companies currently have a security risk management strategy in place in their organization.

Risk-Based Security Management Needs More Support

Risk-Based Security Management Needs More Support

So, What Gives?  Wondering why there's such a security risk disconnect between IT and the business side? According to Tripwire, a large number of companies simply do not see the connection between a cybersecurity program and top-level business risks.

Risk-Based Security Management Needs More Support