Cybersecurity is now recognized as a key business driver by the C-Suite, according to a new Radware report. Executives that participated in the survey found that the four main business impacts of a security incident were customer loss (45%), brand reputation loss (44%) and revenue loss or operational (32% each).
Cybersecurity as a business issue
The predominance of cybersecurity as a business issue extends to the board, with a majority (72%) of executives reporting information security is an agenda item for every board meeting.
All of this with good reason, as respondents estimated an average cost per attack of about $4.6M and the proportion of respondents estimating that the total cost of cyberattacks to their organization is more than $10M nearly doubled in frequency from 2018 (7%) to 2019 (13%).
Security is a key part of marketing
At the same time, customers want to understand what companies have done to secure their products and services. 75% of executives report that security is a key part of their marketing messages. 50% of companies surveyed offer dedicated security products and services to their customers. Additionally, 41% offer security features as add-ons within their products and services, and another 7% are considering building security services into their products.
“Because organizations have spent billions digitally transforming themselves over the years to create faster, easier and more numerous access points to their customers, they have also increased their vulnerability in equal measure,” said Anna Convery-Pelletier, CMO at Radware. “While responsibility for cybersecurity continues to be spearheaded by the CIO and CISO, it is also being shared throughout the entire C-Suite. Security issues now influence brand reputation, brand trust and consumer trust, which forces organizations to make a fundamental shift in thinking about the role of security in customer experience, marketing and business operations.”
Inadequate protection
But while the C-Suite has increased its focus on cybersecurity efforts, companies still have a long way to go to protect themselves.
A majority (70%) of senior executives surveyed in North America and Europe report their company experienced a cyberattack in the prior twelve months, and 75% of surveyed participants in EMEA say their networks are susceptible to cyberattacks.
Perspectives revelations
- The road to improved security isn’t always secure.
- Data breaches are most common in Europe, despite GDPR regulations.
- Bots continue to impact bottom-line business.
- Investments in machine learning & AI are growing.
- Customers increasingly take action following a breach.
As organizations ramp up their digital transformation efforts, which often include embracing the public cloud, 54% of respondents report improving information security is one of their top three reasons for initiating digital transformation processes. However, 73% of executives indicate they have had unauthorized access to their public cloud assets.
74% of European executives report they have experienced a data breach in the past 12 months, compared to 53% in America and 44% in APAC. Half (52%) of executives in Europe have experienced a self-reported incident under
GDPR in the past year.
Executives are discussing bots in their board management meetings. 53% say they’ve encountered reduced website revenue due to inventory hold-ups by bots, 51% report bots skewing marketing analytics, and 36% have talked about abuse of user accounts or payment information.
The majority of respondents (82%) have shifted more budget into machine learning/AI over the past two years. This represents a continued focus on automation as just 71% said the same in 2018. Individual regions report allocating an average of 37% of their security budget toward AI security systems (Americas 49%, EMEA 30%, and APAC 31%).
Following a data breach, survey participants report an average churn of 30% of customers. They estimate the average investment to win a customer back at almost $100,000.
