Survey Finds Disconnect Between Security Strategy and Execution

Report from Intel Security and CSIS discovers 93% of businesses have cybersecurity strategies, but only 49% fully implement them.

Dark Reading Staff, Dark Reading

March 2, 2017

1 Min Read
Dark Reading logo in a gray background | Dark Reading

A recent survey by Intel Security and the Center for Strategic and International Studies (CSIS) discovered a disconnect between strategy and implementation for business cybersecurity programs. While executives are happy in the belief that their security measures are effective, executioners have a different story to tell.

The report says there are three basic misalignments in the current corporate world that give cybercriminals an edge. These involve bureaucracy, strategy implementation and disparity between executives and implementers. While 93% of businesses claim to have a strategy in place, only 49% report its implementation. Even though 60% of IT executives believe their strategy execution is complete, only 30% of the implementers agree.

"It's not a matter of 'what' needs to be done, but rather determining 'why' it’s not getting done, and 'how' to do it better," says Denise Zheng of CSIS.

Despite recognizing the seriousness of cybersecurity, around 54% executives say reputation is more important to their organizations.

Candace Worley of Intel Security explains: "For IT and cyber professionals in government and business to compete with attackers, they need to be as nimble and agile as the criminals they seek to apprehend, and provide incentives that IT staff value."

Read full survey here.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights