According to David Jarvis, Senior Consultant at the IBM Centre for Applied Insights; “In the near future, every business will be a digital business. Everything will have an information technology component.”
Recent evidence has largely supported this, with energy giant General Electric starting to identify themselves as a digital business. Their CEO predicts that by the end of 2017, GE will employ over 12,000 IT employees, a huge rise compared to having 1,200 in 2012.
This year, IBM sponsored a study by the Darwin Deason Institute for Cyber Security. Researchers conducted 40 in-depth interviews with CISOs to better understand the connections between security investment strategies and reducing risk.
The results showed that CISO’s are seeing extraordinary support from the business and the budget to match. However, having enough of the right people with the right skills was seen as a barrier, sometimes delaying security investments and improvements.
The study also found that security leaders are relying on customised frameworks based on industry standards and best practises to help prioritise risks. These frameworks have become a key lens through which to define risk perception and prioritize investments in security. It is also used as a communications tool with business leaders.