Nearly 2 in 5 Enterprises Have Lost Business Due to Cybersecurity Performance, New Independent Study Finds

BOSTON, Sept. 3, 2019 /PRNewswire/ -- BitSight, the Standard in Security Ratings, today announced the availability of a new study that evaluates how executives understand and effectively measure their cybersecurity performance and adequately communicate it to the board, senior executives, customers, and critical stakeholders. The September 2019 commissioned study, conducted by Forrester Consulting on behalf of BitSight and titled "Better Security And Business Outcomes With Security Performance Management," indicates that cybersecurity performance is critical to achieving commercial success. Among the study's most interesting findings is that nearly two in five enterprises (38 percent) admit that they have lost business due to either a real or perceived lack of security performance within their organization.

"Financial success, brand perception, business continuity and company reputation now all hinge on security performance," said Tom Turner, CEO, BitSight. "But in order to effectively manage performance, you have to measure it. We think this study should serve as a wakeup call for security leaders and their executives and boards to take a close look at their strategies for security performance measurement and reporting - after all, their businesses are now on the line."

Based on a survey of 207 security decision makers with responsibility for risk, compliance, and/or communications with boards of directors, the study explores the organizational misalignment and technological complexities that commonly prevent organizations from realizing effective security performance management (SPM). Additional noteworthy findings include:

    --  Effective security performance management drives business wins and
        better security outcomes. Nearly three-quarters of C-level respondents
        say that improved security performance measurement would greatly or
        significantly improve company financial performance, while the majority
        of respondents overall agree that improved measurement would improve
        company business continuity (82 percent) and company reputation (81
        percent). Additionally, companies that have formal security performance
        metrics are more likely to successfully manage security: they are nearly
        two times more likely to develop security policies, update security
        technology and perform security trainings. Their investment decisions
        and strategies are also better trusted by executives and board members:
        using formal security metrics means security leaders are likely to see a
        10 percent or greater year-over-year increase in security budget.
    --  Commercial success is at risk due to missteps in effectively measuring
        security performance and communicating it to external stakeholders.
        Seventy-nine percent of security decision makers surveyed say customer
        and partner demands for cybersecurity reporting have intensified, but
        decision makers also say customers and partners receive some of the
        least accurate reporting of any security stakeholder. Additionally, 82
        percent agree that customer and partner perception of security is
        increasingly important to the way their firm makes decisions.
    --  Metrics are critical to understanding and improving communication around
        security performance, but there is vast room for improvement in current
        methods. Sixty-three percent of respondents have introduced formal
        security performance metrics, but four of the five top reported
        measurements lack context, paint an incomplete picture of security
        performance, and can leave companies blind to potential risk. These
        metrics include: the number of malware incidents blocked (used by 50
        percent of respondents); the number of intrusions blocked by a
        firewall/network security (50 percent); the percentage of filtered
        phishing/malicious emails (45 percent); and the number of data loss
        prevention incidents (40 percent).
    --  Cybersecurity risk ratings emerge as an early security metric bright
        spot. Forty-five percent of respondents report using cybersecurity
        ratings, making it the third-most common metric overall. Forty-nine
        percent of respondents say that security ratings are their top preferred
        metric. Derived from objective, verifiable information, security ratings
        provide a strategic and contextualized measurement of security
        performance. Forty-three percent of companies using cybersecurity
        ratings report them out to customers and partners, and 63 percent report
        them up to the board, indicating that security ratings are emerging as a
        top method for security performance communication across key company
        stakeholders.

To download a copy of the "Better Security And Business Outcomes With Security Performance Management" report, visit https://bitsig.ht/2ZmQtKc.

About BitSight
Founded in 2011, BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third-party risk; underwrite cyber insurance policies; conduct M&A due diligence; and assess aggregate risk. With over 1,800 global customers and the largest ecosystem of users and information, BitSight is the most widely used Security Ratings Service. For more information, please visit www.bitsight.com, read our blog or follow @BitSight on Twitter.

SOURCE BitSight