A report from Gartner has revealed that by 2026, 70 per cent of boards will include one member with cybersecurity expertise.
The report also mentioned that through 2027, 50 per cent of CISOs will formally adopt human-centric design practices into their cybersecurity programs to minimise operational friction and maximise control adoption.
Gartner research shows that over 90 per cent of employees who admitted undertaking a range of unsecure actions during work activities knew that their actions would increase risk to the organisation but did so anyway. Human-centric security design is modelled with the individual – not technology, threat or location – as the focus of control design and implementation to minimise friction.
The research company also predicts that by 2024, modern privacy regulation will blanket the majority of consumer data, but less than 10 per cent of organisations will have successfully weaponised privacy as a competitive advantage.
“Organizations are beginning to recognize that a privacy program can enable them to use data more broadly, differentiate from competitors, and build trust with customers, partners, investors and regulators. Gartner recommends security leaders enforce a comprehensive privacy standard in line with GDPR to differentiate in an increasingly competitive market and grow unhindered,” Gartner said in its report.
Another interesting prediction in the report is that by 2025, 50 per cent of cybersecurity leaders will have tried, unsuccessfully, to use cyber risk quantification to drive enterprise decision making. Gartner research indicates that 62 per cent of cyber risk quantification adopters cite soft gains in credibility and cyber risk awareness, but only 36 per cent have achieved action-based results, including reducing risk, saving money or actual decision influence. Security leaders should focus firepower on quantification that decision makers ask for, instead of producing self-directed analyses they have to persuade the business to care about.