Enterprise security skills: the communication factor
How important are good lines of communication as far as the enterprise IT security strategy is concerned? Davey Winder investigates...
When Tripwire carried out a detailed UK analysis of the Ponemon Institute's 2013 Risk-Based Security Management Study, it discovered something of a disconnect between an enterprise's commitment and its ability to actually deliver on that. The key takeaways from the very detailed analysis, can be boiled down to:
- Some 61 per cent don't communicate security risk with senior executives or only communicate when a serious security risk is revealed;
- Just shy of 40 per cent of collaboration between security risk management and business is poor, non-existent or adversarial;
- Less than half (47 per cent) rate communication of relevant security risks to executives as not effective' and when asked why this should be: 63 per cent said communication occurs at too low a level and 57 per cent said communications are too siloed. Furthermore, 56 per cent said the information is too technical to be understood by non-technical management and 50 per cent said negative facts are filtered before being disclosed to senior executives and the CEO. In addition just over one third (35 per cent) said it takes too much time to prepare report metrics to senior executives.
The results of this study would seem to suggest that integrating security risk into the day-to-day operational decision making of the business just isn't happening in the majority of enterprises.
Just how vital, therefore, are good communication skills? And, how can IT security professionals in particular develop new skills in this area to enable them to talk about risk in terms that are relevant to the goals of the business and so both understandable, and therefore implementable, by the powers that be?
In This Article
How inkjet can transform your business
Get more out of your business by investing in the right printing technologyDownload now
Journey to a modern workplace with Office 365: which tools and when?
A guide to how Office 365 builds a modern workplaceDownload now
Modernise and transform your sales organisation
Learn how a modernised sales process can drive your businessDownload now
Your guide to managing cloud transformation risk
Realise the benefits. Mitigate the risksDownload now