Fortinet has revealed that almost half of the IT decision makers (ITDMs) at 250+ employee organisations in the Middle East believe that cybersecurity is still not a significant priority for board members despite high profile cyber-attacks continuing to occur, according to findings of Fortinet’s latest Global Enterprise Security Survey.
The research also highlights that many IT professionals believe that the transition to the cloud as part of their organisations’ digital transformation will in turn make security a growing priority.
“Over the years, we’ve seen that cybersecurity has become a key investment for organisations, with more and more C-level executives considering it as part of their broader IT strategy,” said Alain Penel, regional vice president, Middle East, Fortinet. “As organisations now embrace digital transformation and turn to technologies like the cloud, cybersecurity is no longer just an IT investment but a strategic business decision. In today’s digital economy, I expect the trend we’ve seen at the board level to accelerate with security being treated as a top priority within an organisations’ broader risk management strategy. By doing so, companies will be in a better position to succeed in their digital transformation efforts.”
The study found that members are not treating cybersecurity as a top priority with 47 percent of IT decision-makers believe that IT security is still not a top priority discussion for the board.
However, the report highlighted that this doesn’t seem to affect budgets since 54 percent of enterprises stated that they spend over 10 percent of their IT budget on security, which is a high investment. 69 percent of the surveyed respondents said their IT security budget has increased from the previous year. Now, IT decision makers feel strongly that cybersecurity should become a top management priority with 87 percent of the respondents saying that the board should actually put IT security under greater scrutiny.
According to the Fortinet report, there are three key drivers for cybersecurity becoming a top priority. Firstly, there’s the increase in security breaches and global cyber-attacks. In the last two years, 89 percent of businesses have experienced a security breach, with one of the most common vector of attack being email and identity fraud for 50 percent of respondents.
In addition, 52 percent of ITDMs said there has been an increased focus on IT security following global cyberattacks, such as WannaCry. The scale and profile of global cyberattacks is bringing security to the attention of the board. Security is no longer just an IT department discussion.
Another important driver of board awareness is the proliferation of regulation, 38 percent of respondents reported. With major fines threatening the bottom line, such as the impending GDPR compliance for European data, the board now has a mandate to take interest.
Lastly, there’s the transition to the cloud as a catalyst for security priorities. As organisations look at migrating to the cloud as part of their digital transformation, 73 percent of IT security decision makers believe that cloud security is becoming a growing priority. 75 percent of the respondents also affirm that cloud security – along with the investment in security to support it – is becoming a key priority for the board. As a result, 40 percent of those surveyed are planning investment in cloud security in the next 12 months.