
ERM’s Role in Information Security

Data breaches are happening more frequently, and with bigger-than-ever financial repercussions. Senior leaders and boards are under pressure to take a rigorous approach to understanding and managing cyber security risk. With this in mind, four out of five enterprise risk management leaders expect to play a more active role in helping to protect their organization from a cyber-attack.

What has caused the rise in information security risk?

  1. Insecure Employee Behaviors – 1 in 2 breaches are the result of insecure employee behavior, such as inadequate risk awareness or training, social media use, etc.
  2. Increasing Sophistication of Threats – 8 out of 10 heads of IT say they cannot keep pace with the increasing sophistication of threats to information security.
  3. 3rd Party Vulnerabilities – 41% of organizations reported they sustained a breach caused by a 3rd party.
  4. Growing Attack Surface – 84% of breaches target vulnerabilities prevalent in emerging technologies, i.e. mobile devices, IoT devices and cloud services.

CEB’s research highlights the underlying causes of information security failures, the trends making information security more complex to manage, and the top threats identified by CISOs.

Download the research summary on ERM’s Role in Information Security to learn more.