The shift to hybrid working has made the cybersecurity environment more complex and perilous than ever before. With people working remotely, and billions of unmanaged devices regularly accessing business resources beyond the office, it’s no surprise that the cybersecurity threat is constantly evolving. In 2021, corporate networks saw a 50% increase in cyber-attacks per week compared to the previous year.
Despite this, many businesses are poorly positioned to protect themselves from this evolving threat. In the UK, almost two-thirds of medium and large businesses admitted they’ve suffered a security breach over the last 12 months, with the average cost of a breach now exceeding $4.2m.
Cybersecurity teams are over-stretched and under even more pressure to enable employee productivity in a new hybrid way of working, all while keeping the business secure. Recent research reveals that 43% of employees say the shift to a remote workforce has triggered a change in their company’s approach to cybersecurity, yet the belief that the current approach is “good enough” for the business provides their biggest hurdle.
So, what does this mean when it comes to the people who are ultimately responsible for allocating the resources – the C-suite? The answer – it’s complicated.
Attitudes to cybersecurity are complicated
Firstly, cybersecurity continues to be one of the C-suites biggest concerns, with cyber risk ranking as a greater threat for UK CEOs than the pandemic. This increased perception of cybersecurity as a business risk, rather than an IT problem, sees senior business leaders taking more accountability towards solving the problem.
Yet, leaders are still averse to confronting the threat as cybersecurity remains overly complex and disconnected from business growth and success. The challenge is clear: business leaders and IT decision makers don’t speak the same language when it comes to cybersecurity.
Positioning cybersecurity as having the highest cost impact of any business risk is what the board needs to hear. Yet, 82% of IT decision makers have felt pressured to downplay the severity of cyber-risks to their board. This can have long-term consequences, as business leaders fail to digest the full scale of the problem and what needs to be done to secure their organisation long-term.
This is also a common and reoccurring issue. Security has never had a traditional return on investment (ROI), and the more successful a team is in securing a business, the more often they hear questions about potential cost-cutting. As part of this, the C-suite often fail to realise that the dearth of cybersecurity issues is because of their continued investment rather than their lack of it.
Sympathy for the C-suite
It’s the role of the C-suite to plan for the future and drive strategies for growth and innovation, but this focus on growth doesn’t always align well with cybersecurity.
In fact, 90% of IT decision makers claim their business would be willing to compromise on cybersecurity in favour of another objective such as digital transformation or productivity. This underlines how the drive for growth so often takes precedence over the cost of security. To this end, cybersecurity is typically seen as a blocker that prevents the business from pursuing innovation.
We can’t expect the growth-minded C-suite to tackle cyber threats head on when cybersecurity is often framed as a cost, rather than a strategic investment towards the future, or when the philosophical disconnect between the C-suite and cybersecurity is bolstered by the complexity of the current cybersecurity landscape.
Added to this is the fact that there is a vast array of different solutions and services in the market, and most large companies have built up a massive portfolio of cybersecurity tools over time (on average 76 security tools per organisation). This makes cybersecurity more complicated than it needs to be.
Leaders demand an easy solution
As cybersecurity teams struggle to keep up and the C-suite remains reluctant to tackle the risks due to the complexity and costs, the best solution is a new solution. One unified cloud service that simplifies security and allows distributed organisations to adapt quickly to a new, hybrid workforce – so that people working at home, in an office, or on the road can consistently and productively access and use sensitive data and intellectual property without putting business resources at risk.
Having one central platform means cybersecurity teams can manage one set of policies in one console, with one endpoint agent, from one cloud platform, all while keeping attackers out and sensitive data in.
With hybrid working becoming the norm, a simplified solution to cybersecurity is vital to helping business leaders secure their users and data, cutting through the complexity and providing a clear path of action that is connected to business growth. It’s time for an easy button for security.