Riyadh, Saudi Arabia — Tenable®, Inc., the Cyber Exposure company, published a global industry study that revealed the vast majority of Saudi Arabian organizations (95%) have experienced a business-impacting cyberattack in the past 12 months, according to both business and security executives. The data is drawn from ‘The Rise of the Business-Aligned Security Executive,’ a commissioned study of more than 800 global business and cybersecurity leaders, including 49 respondents in Saudi Arabia, conducted by Forrester Consulting on behalf of Tenable.

As cybercriminals continue their relentless attacks, 85% of respondents in Saudi Arabia have witnessed a dramatic increase in the number of business-impacting cyberattacks over the past two years. Unfortunately, these attacks had damaging effects, with organizations reporting loss of customer and/or employee data (41%), ransomware payments (37%) and financial loss or theft (35%). Roughly 61% security leaders in Saudi Arabia say these attacks also involved operational technology (OT).

Business leaders want a clear picture of how at risk they are and how that risk is changing as they plan and execute business strategies. But only four out of 10 of local security leaders say they can answer the fundamental question, “How secure, or at risk, are we?” with a high level of confidence, despite the prevalence of business-impacting cyberattacks.

Looking at global respondents, fewer than 50% of security leaders said they are framing cybersecurity threats within the context of a specific business risk. For example, though 96% of respondents had developed response strategies to the COVID-19 pandemic, 75% of business and security leaders admitted their response strategies were only “somewhat” aligned.

Organizations with security and business leaders who are aligned in measuring and managing cybersecurity as a strategic business risk deliver demonstrable results. Compared to their siloed peers, business-aligned security leaders are:

  • Eight times more likely to be highly confident in their ability to report on their organizations’ level of security or risk.
    • 90% are very or completely confident in their ability to demonstrate that cybersecurity investments are positively impacting business performance compared with 55% of their siloed counterparts.
    • 85% have metrics to track cybersecurity ROI and impact on business performance versus just 25% of their siloed peers.
  • Organizations with business-aligned cybersecurity leaders are also:
    • Three times more likely to ensure cybersecurity objectives are in lock step with business priorities.
    • Three times more likely to have a holistic understanding of their organization’s entire attack surface.
    • Three times more likely to use a combination of asset criticality and vulnerability data when prioritizing remediation efforts.

“In the future, there will be two kinds of CISO -- those who align themselves directly with the business and everyone else. The only way to thrive in this era of digital acceleration is to bring cyber into every business question, decision and investment,” said Renaud Deraison, Chief Technology Officer and co-founder, Tenable. “We believe this study shows that forward-leaning organizations view cybersecurity strategy as essential to innovation and that when security and the business work hand-in-glove, the results can be transformational.”

  • Forrester Consulting conducted an online survey of 416 security and 425 business executives, as well as telephonic interviews with five business and security executives, to examine cybersecurity strategies and practices at midsize to large enterprises in Australia, Brazil, France, Germany, India, Japan, Mexico, Saudi Arabia, the UK and the US. The study was fielded in April 2020.
  • “Business-impacting” relates to a cyberattack or compromise that results in a loss of customer, employee, or other confidential data; interruption of day-to-day operations; ransomware payout; financial loss or theft; and/or theft of intellectual property.

To read the full study, visit https://www.tenable.com/analyst-research/forrester-cyber-risk-report-2020

About Tenable

Tenable®, Inc. is the Cyber Exposure company. Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 30 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com

Contact Information:
Cayla Baker
Tenable
tenablepr@tenable.com  
443-545-2102, x 1544

Nirmala D’souza
OAK Consulting
nimi@oakconsulting.biz 
+971507343840

Send us your press releases to pressrelease.zawya@refinitiv.com

© Press Release 2020

Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.

The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.

To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.