There’s no question about it: Being exposed to cyber risk is an inevitable part of doing business in today’s world. In fact, a recent ESG study found that 82% of organizations believe that cyber risk has increased over the past two years.
Unfortunately, for many of these organizations, cyber risk is seen as complex and too often discussed in technical terms or through the lens of remediation plans for security incidents. According to the ESG study, 69% of business and technology leaders believe cybersecurity is entirely or mostly a technology area with little or no linkage to the business.
These conditions highlight an important challenge for today’s security leaders: In order to position security similarly to other business initiatives, they need to provide cyber risk quantification insights in financial terms — ultimately helping non-technical stakeholders understand how cyber risk translates into business risk.