State of IT and Cyber Risk Management Survey Report highlights trends and weak areas
- Published: Wednesday, 28 July 2021 09:23
MetricStream has announced the results of its State of IT and Cyber Risk Management Survey Report 2021. Compiled from the opinions of key IT risk and compliance executives around the world, key findings show that IT and cyber risk measures escalated as a priority during the pandemic.
Respondents stated that creating real-time visibility of their risk and compliance status is a top priority for the upcoming year.
In addition, ensuring compliance requirements are met, assessments are conducted on a regular basis, and a need for automated tools were also ranked high in the survey.
The survey suggests that organizations still need to adopt integrated risk and compliance tools that allow them to proactively address IT and cyber risks and conduct more frequent assessments. Almost half the surveyed organizations stated that they hope to increase real-time visibility on risk and compliance issues.
The survey highlights a widespread dependency on basic office productivity software, knowledge management software, and point solutions for IT and cyber risk and compliance management needs. This is an indication that organizations still need to adopt more advanced, automated tools that allow them to proactively address IT and cyber risks and conduct more frequent assessments. As cyber risk management processes improve, organizations will experience a significant decrease in the impact of risks and an increase in their ability to predict and manage potential risks.
The IT and Cyber Risk Management Survey is based on the responses of key risk, compliance, cybersecurity, and audit executives across industries and geographies and included analysts, managers, and senior managers, vice presidents, directors, heads of departments, and CISOs.
Other key findings from the survey include:
- 65.22 percent said that their organization mostly uses IT and cyber risk management software to identify and assess cyber risks
- 55.07 percent said that their organization's top IT and cyber risk priority for 2021 is to create real-time visibility on risk and compliance posture
- 45 percent of survey respondents identified a lack of visibility on cyber risks across the enterprise as the biggest challenge faced by their organization
- 45 percent of respondents said that they changed their plans and approaches to cyber risk and compliance management and reprioritized activities to contend with the pandemic-driven new operational landscape
- 41 percent believe that regulatory compliance is the first concern for their organization, and thus, should be a key area where future investments are directed
- Only 36.23 percent of respondents said that their organization conducts risks and controls assessments on a continuous basis.