This document summarizes the results of a cyber security survey conducted by Core Quadrant in 2016. The survey gauged the preparedness of organizations in India on issues related to cyber security. Key findings included:
- CISOs felt that external and internal threats as well as compliance needs had increased compared to the previous year. Cyber threats to infrastructure, applications and digital applications were also seen as increasing.
- There was a gap between CFO and CISO perspectives on the alignment of cyber security strategy with business and IT strategies. CISOs also rated CISO leadership traits like influencing skills lower than CFOs.
- Common challenges cited were unclear roles and accountability as well as the need for a holistic security plan
08448380779 Call Girls In Civil Lines Women Seeking Men
Cyber Security in the Digital Age Report
1. Kapil Dev Singh
Founder & CEO, Coeus Age
Co-Founder, Core Quadrant
+91 9811771187, kds@kdsnext.com
Cyber Security in the Digital Age
Mumbai, March 11, 2016
2. Digital Landscape,
2015 & Beyond
Digital as a Theme
of a deep, broad and sustained research initiative
Building a
Digital
Enterprise
Business and IT
Priorities, 2014
and 2015
The Jewels of
Digital, 2015
Digital
Landscape,
2015 & Beyond
Enterprise
Digital Tracker
The Jewels of
Digital, 2015
Images courtesy of freedigitalphotos.net
Enterprise Digital
Tracker
3. Digital as Enterprise Priority
is on the rise
5
16 17
14
24
31
2014 2015 2016
Top Priority 2nd Top Priority
%
Base- 202
Core Quadrant, 2014, 2015, 2016
Base- 142
Base- 113
7. The Framework
of an enterprise digital platform
Core
Catalyst
SMAC+
1. Automation of IT
Processes
2. Communication
between machines, people,
processes & data
3. Embedded play of
Analytics and Big
Data capabilities
4. Availability of IT
Management
Dashboards on
multiple devices
5. Elasticity and
Spread
6. Openness to other
platforms
7. Security &
Governance across the
spectrum
1. Matching expectations of
user experience (UX)
2. Digitized, secured and
dynamically
retrievable documents
3. Automated, agile,
managed, connected, secured
and contextualized business
processes
4. Integrated, open,
managed, optimized,
orchestrated and secured
business applns
5. Secured, quality and
rationalized data, and smooth
data flow
6. Agile, governed and
secure IT
infrastructureCore Quadrant, 2015
8. Cyber Security Survey
gauging the preparedness
Core Quadrant, 2016
• A nation wide survey by Core Quadrant
• Core Issues
– Organizational Preparedness, Alignment,
Challenges, Structure, and
– CISO Leadership
• The cusp of Enterprise Risk Management and
Cyber Security
• 50 CFOs and 36 CISOs
10. Cyber Threats Focus
Core Quadrant, 2016
Increased Decreased Same Cannot Say
Infrastructure 58% 11% 31% 0%
Applications 80% 9% 11% 0%
Digital Applications 77% 6% 14% 3%
Operational Controls 40% 11% 46% 3%
31% 36%
14% 11% 8%
IT Infrastructure Enterprise
Applications
Digital Applications Operational controls Other (please
specify)
11. Cyber Security - Alignment
Core Quadrant, 2016
What is your agreement with the following statements regarding alignment of business with cyber
risk issues? Please rate on a 5 point scale where 1= completely disagree and 5= completely agree
.
CFO CISO
We have a well-defined cyber security strategy in alignment with the business
strategy
4.12 3.39
Major CXOs are stakeholders in the cyber risk practice 4.02 3.53
Our top management including the CEO is quite active with respect to cyber
risk
3.96 3.78
We have a well-defined cyber security strategy in alignment with the enterprise
IT strategy
3.94 3.44
We have created a well defined cyber security governance structure 3.7 3.47
The company board is involved in cyber risk issues through mechanisms like
board advisor committee
3.4 3.42
12. Cyber Security - Key Challenges
Core Quadrant, 2016
What are the top two challenges with respect to cyber security in your organization?
CFO CISO
Role definition and accountability 46% 19%
A well secured IT and digital platform 46% 0%
The IT and cyber risk leadership capability 30% 19%
A well developed enterprise risk management framework 28% 28%
A well defined holistic cyber security and risk plan 22% 42%
Top leadership’s appreciation of cyber risk as an organizational issue 14% 19%
Availability of skilled security professionals 12% 31%
Availability of adequate budgetary allocations for security 2% 22%
Lack of/inadequate organizational security culture 0% 19%
13. Cyber Security Structure
Core Quadrant, 2016
Who is responsible for the cyber security practice in your organisation?
CFO CISO
Chief Information Officer (CIO) 26% 25%
Chief Information Security Officer (CISO) 28% 61%
Chief Risk Officer (CRO) 44% 0%
Someone at the middle/ junior level 2% 3%
Other (please specify) 0% 11%
Who does the person responsible for cyber security report into in your organization?
CFO CISO
Chief Information Officer (CIO) 6% 33%
Chief Executive Officer (CEO) 4% 19%
Chief Financial Officer (CFO) 88% 0%
Chief Risk Officer (CRO) 0% 19%
Other (please specify) 2% 28%
15. CISO Leadership
Core Quadrant, 2016
Please rate the CISO or the person responsible for cyber security in your organisation on the
following leadership traits? Please rate on a 5 point scale where 1= very low and 5= very high.
Ability to conceptualise scenarios around business impact of cyber risk 3.8
Ability to motivate and lead people 3.6
Process understanding with respect to cyber security and risk 3.6
Domain understanding of business operations 3.5
Understanding of digital business and digital technologies 3.5
Ability to present convincingly at senior levels and influence decision making 3.5
Technical understanding of the latest development in cyber security products 3.4
17. Kapil Dev Singh
Founder & CEO, Coeus Age
Co-Founder, Core Quadrant
+91 9811771187, kds@kdsnext.com
Cyber Security in the Digital Age
Mumbai, March 11, 2016
Editor's Notes
Let’s see the bigger context, which makes an enterprise digital platform a must.
What was within the enterprise premise (or an extended physical premise) has moved beyond boundaries. The situation has become more complex.
Because
-The traditional IT architecture is challenged by the emerging cloud computing paradigm
-There is a plethora of devices from many access points and on multiple platforms
-Multiple stakeholders, each one with unique ‘interaction requirements’. Enterprise platform is opened for the customers from a customer service or ecommerce perspective.
-Multiple and ever growing applications meeting the unique requirements of the stakeholders
-As a result of multiple devices, users and applications data is exploding, data flow across the enterprise boundaries
-Increasing pressure for speed, compliance, security and governance
The legacy enterprise platform is becoming inadequate to meet the emerging priorities for the CIOs.