In the age of daily breach headlines, we hear publicly from companies that cybersecurity is a top priority. And there is no question that InfoSec leaders have gained prominence within most organizations.
But in a surprising number of cases, those same InfoSec leaders may have their hands tied because business needs trump security.
Ponemon Institute research
We know this is happening because Dr. Larry Ponemon recently spoke to the cybersecurity industry at our SecureWorld Denver conference.
Here’s what he found after surveying CISOs or equivalent at 184 companies.
Business needs trump security
Ponemon's research discovered that business requirements supersede cybersecurity in these percentages:
- 14% frequently
- 36% sometimes
- 34% rarely
- 20% never
If you do the math, half of the InfoSec leaders surveyed say business needs override cybersecurity "sometimes" or "frequently."
When it comes to the needs of the business, we hear a lot about security being part of business enablement.
With that in mind, let us know if the numbers in this research surprise you.
Who is Larry Ponemon, anyway?
And speaking of Larry Ponemon and his research: if you've ever wondered how he became known in IT circles around the world, we have the answer for you.
It started with cryptography and the USSR, something we only learned about him during this interview: