Keeping your corporate network secure is arguably the most important aspect of any CIO’s job. But a new study from risk-based security compliance company Tripwire seems to indicate that determining the metrics for security and conveying to the business side what it takes to keep a company safe is quite difficult. And when security and its importance cannot be conveyed to the business side, security itself suffers.

“Chief Information Security Officers talk about the importance of leveraging metrics as a way to influence business leadership and build a risk management practice within their companies,” says Rekha Shenoy, vice president of marketing at Tripwire. “Unfortunately, they struggle with the bigger challenge of producing meaningful metrics while those they use are rarely aligned with business goals.”

In other words, there’s a communication problem in the enterprise. And unfortunately, the communication problem is directly tied to corporate security. Tripwire’s study, which includes responses from more than 1,300 IT professionals, reveals a profound disconnect between business and IT when it comes to conveying security’s importance in the enterprise.

Senior Executives Don’t Get It

A major reason that security metrics don’t line up with business strategy is that senior executives don’t understand the metrics, according to 51% of IT professionals.