The big problem with the CEO and CIO disconnect isn’t only that it weakens security, but also that it negatively impacts business growth.  A recent study showed just how influential an organization’s security impacts business dealings.

 

Kaspersky Lab conducted a survey where they found that two-thirds of companies prefer to bank with providers who have a solid security reputation, which means that banks making security a priority are the ones that retain existing customers as well as gain new ones.

 

When we look at the study’s findings a bit more in depth, we can see how security provides a huge ROI when it comes to deciding who to do business with:

 

  • 94% of companies use online banking in their day-to-day operations because not having to physically visit a bank gives them a lot of advantages, including reducing their operational costs and improving response time.

 

  • 63% of the companies surveyed understand the risk of online financial services, which include financial fraud and compromise of the corporate IT infrastructure.  The same percentage that understands the risk understands the importance of protecting their critical data, which is why they’ll do business with a financial institution that shows they are proactive in maintaining a high level of security.

 

  • Kaspersky Lab’s study shows just how true this is since 72% (almost three quarters) of the companies questioned stated that they select a bank based on its security reputation and nine out of 10 (88%) are willing to pay extra to work with a bank that has a strong security policy and a good security track record.

 

  • In addition to working with a bank that holds security as a priority, the companies (43% of them) also understand the need for their business to improve security measures to protect their financial transactions with their banks.

 

Even though the study focuses on banks, the same thought process takes place with business dealings overall; whether its customers choosing to do business with a company or companies partnering up for business reasons.  Ultimately, all companies have some form of data to protect and to stay operational they also need to be able and maintain business operations.

 

The fact that those running a business, from the CEO and the board to the CIO and the CISO, can’t agree on how to stay proactive and effective with security is something that must change.  Yes, the CIO and CEO speak a different language and have different responsibilities; but their common goal is to stay in business.  With this in mind, and the clear ROI behind a strong information security program, there has to be a meeting point between all those involved; and it starts from evaluating what’s missing with the security process in place.

 
How has your existing information security program affected your business dealings?

 

Photo  Courtesy of  purpleslog