Businesses are Prioritising Cybersecurity Above All Else, Optiv Security Report Finds

Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

With the rise of the data breach epidemic, and the imposition of comprehensive privacy regulations and significant legislation requirements, cybersecurity has become a tier-one business risk. As a result, the chief information security officers (CISO) role in a business has dramatically increased in value. In fact, 64 percent of businesses now prioritise cybersecurity above all else, even if it slows some users productivity down, according to a new research report from Optiv Security. The report, The State of the CISO, takes an in-depth look at the approach to cybersecurity taken by CISOs, CSOs and senior IT decision makers, the strategies they have in place and their experience of data breaches.

Cybersecurity becomes a business priority

The research found that the importance of cybersecurity is now better understood by business executives and board members. In fact, 96 percent of respondents indicated they are taking a more strategic approach to cybersecurity as a result of being greater aligned with business leaders.

Some organisations are further along this evolutionary curve than others, but without business buy-in to a cybersecurity program, CISOs will undoubtedly struggle to keep their organisations safe from looming cyber threats, said Andrzej Kawalec, Optivs director of strategy and technology, Europe. We are seeing a significant shift in the industry, whereby cybersecurity is now a business issue. CISOs are being regarded as an important part of major business initiatives such as next-generation digital transformation, which has led to more funding for cyber programs. The board now understands that a major security or compliance miscue can derail a business.

When it comes to the approach to cybersecurity, the research found that 66 percent of IT security decision makers felt greater awareness of security risks within the IT function has had a significant impact on currently existing cybersecurity policies. Compliance with external standards such as GDPR follows closely behind at 56 percent, but basic functions like vulnerability and patching is only prioritised by 32 percent of respondents. Employee education was deemed a top priority by 58 percent of respondents, as was simplifying infrastructure (54 percent) and aligning security with development operations to create a DevSecOps model (47 percent).

It is concerning in light of the fact that, by some estimates, unpatched vulnerabilities account for more than half of all data breaches, continued Kawalec. By getting the basic functions of cybersecurity right, IT decision makers can drastically improve their chances of defending against a cyber-attack, since unpatched software is often cited as the most common cause of data breaches.

The greatest security threats

The research also identified that 31 percent of respondents believe that organized crime and politically motivated acts are seen as the greatest threats to cybersecurity, while 28 percent believe this to be hacktivists. Insider threats are seen as critical by 26 percent and just 15 percent of respondents cited third parties as a threat to their cybersecurity. To deal with cybersecurity threats, 92 percent of respondents have an incident response plan in place, but rehearsing this plan is lagging, with 44 percent of businesses stating they only rehearse once a year or less.

The report finds that breaches still seem to serve as a wake-up call for organizations, with 39 percent of businesses implementing changes in their security program only after an incident. While 65 percent cited that recovery from the breach was well coordinated and successful, over a third (35 percent) reported that recovery costs were still higher than it would have cost to invest in better breach defence.

To read the full report, please visit Optivs website.


Optiv launched an independent research series to discover how IT decision makers approach cybersecurity. To produce its research and resulting report, Optiv worked with London-based research agency, Loudhouse. Loudhouse is an independent agency that specializes in technology and B2B research for global brands.

Loudhouse conducted online interviews with 100 US- and 100 UK-based CISOs, CSOs and Senior IT decision makers at enterprise businesses (between 500 and 5000+ employees), to understand their approach to cybersecurity, the strategies they have in place, and their experience of data breaches.

Follow Optiv Twitter:¯ LinkedIn:¯ Facebook:¯ YouTube:¯ Blog:¯¯

Optiv Security: Who Secures Your Insecurity?„¢ Optiv is a security solutions integrator “ a global, one-stop trusted partner with a singular focus on cybersecurity. Our end-to-end cybersecurity capabilities span risk management and transformation, cyber digital transformation, threat management, cyber operations, identity and data management, and integration and innovation, helping organisations realize stronger, simpler and more cost-efficient cybersecurity programs that support business requirements and outcomes. At Optiv, we are modernizing cybersecurity to enable clients to innovate their consumption models, integrate infrastructure and technology to maximize value, achieve measurable outcomes, and realize complete solutions and business alignment. For more information about Optiv, please visit us at

Brett Ater

(913) 304-7683

[email protected]


Jason Cook

(816) 701-3374

[email protected]