Create a free Manufacturing.net account to continue

How Oversight Impacts Enterprise Level Cybersecurity

A new report examines the benefits being realized by higher-level cyber scrutiny.

Apr 11, 2024
Soc

Diligent Institute and Bitsight recently unveiled a report entitled Cybersecurity, Audit, and the Board, with the goal of gaining deeper insight into board practices regarding cybersecurity oversight, and the impact they have on organizations. Some of the key findings included:

  • Companies with advanced security ratings, based on a formula utilized throughout the report, create nearly four times the amount of value for shareholders as companies with basic security ratings. On average, the Total Shareholders’ Return (TSR) over three and five years for companies in the advanced security performance range is approximately 372 percent and 91 percent higher than their peers in the basic security performance range.
  • Companies with a specialized risk or audit committee had, on average, higher security performance ratings.
  • The security ratings among companies with specialized risk and audit committees tends to skew towards the advanced security performance range, whereas companies lacking either of these committees tend to skew towards the basic security performance range.
  • Having a cybersecurity expert on the board is not enough. Integrating a cybersecurity expert into the board committee tasked with cybersecurity risk oversight makes a significant difference in an organization’s performance. Companies with cybersecurity experts on either audit committees or specialized risk committees achieve an average security performance rating of 700, whereas companies with cybersecurity experts but not on either committee attain a security rating of 580.
  • The percentage of companies with cyber experts on the board remains significantly low. Only five percent of companies within the sample had cyber experts on their boards.
  • Of the companies with advanced-level security performance ratings, nearly a quarter (24 percent) of companies with basic security performance ratings came from the industrials sector.   
  • 26 percent of industrial and critical infrastructure companies reside in the advanced security performance range.

A full copy of the report is available here.

Latest in Cybersecurity
Specialty Food Producer Achieves Growth and Traceability with MRP Software
Sponsored
Specialty Food Producer Achieves Growth and Traceability with MRP Software
April 5, 2024
Ep90
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
April 25, 2024
Fleet Of Fed Ex Delivery Trucks In A Parking Lot 483290419 4500x3000 (1)
Transportation and Logistics Under Siege
April 24, 2024
Industrial Cyber
5G, AI and More Are Changing OT - Why Zero Trust Could Be the Solution
April 24, 2024
Related Stories
Ransomware
Cybersecurity
Report Identifies Hidden Costs, Challenges of Ransomware
Ep90
Cybersecurity
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
Fleet Of Fed Ex Delivery Trucks In A Parking Lot 483290419 4500x3000 (1)
Cybersecurity
Transportation and Logistics Under Siege
Specialty Food Producer Achieves Growth and Traceability with MRP Software
Sponsor Content
Specialty Food Producer Achieves Growth and Traceability with MRP Software
More in Cybersecurity
Specialty Food Producer Achieves Growth and Traceability with MRP Software
Sponsored
Specialty Food Producer Achieves Growth and Traceability with MRP Software
Sales Manager Karen Addenbrook: "It has been terrific for our business and made us enormously more efficient."
April 5, 2024
Ep90
Cybersecurity
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
The new factors impacting a growing attack surface, and how to evolve your cyber risk strategies.
April 25, 2024
Fleet Of Fed Ex Delivery Trucks In A Parking Lot 483290419 4500x3000 (1)
Cybersecurity
Transportation and Logistics Under Siege
A look at how this vital and increasingly targeted market sector is responding to more cyberattacks.
April 24, 2024
Industrial Cyber
Cybersecurity
5G, AI and More Are Changing OT - Why Zero Trust Could Be the Solution
Maximizing technology investments while maintaining security.
April 24, 2024
Manufacturing Infrastructure Cyber
Cybersecurity
Avoiding Shutdowns from Ransomware Attacks
A strategic approach for protecting OT networks.
April 24, 2024
IEC 62443 is a key standard to reduce risk of cyberattacks in industrial workplaces.
Cybersecurity
How to Build a More Secure Connected World with IEC 62443
The goal is better efficiency, improved sustainability and interoperability, enhanced reliability and greater cost-effectiveness for system integrators, product suppliers and other stakeholders.
April 24, 2024
Ap24114558425503
Cybersecurity
UnitedHealth Says Wide Swath of Patient Files May Have Been Taken in Cyberattack
Screen shots containing protected health information or personally identifiable information were posted.
April 24, 2024
Coding
Cybersecurity
CISA Releases 7 ICS Advisories
Unitronics, Rockwell and Mitsubishi head the list.
April 19, 2024
Financial Cyber
Cybersecurity
Alarming Trends Reinforced in Ransomware Attack of Semiconductor Mfr.
Experts assess the fallout from the Dark Angel attack on Nexperia.
April 19, 2024
Industrial Cyber
Cybersecurity
Hexagon, Dragos Announce Partnership
The team-up looks to "revolutionize OT cybersecurity."
April 18, 2024
Ransomware
Cybersecurity
Report Shows Updated Ransomware Concerns
Hackers are elevating the complexity of their attacks - making them harder to detect.
April 18, 2024
Cybersecurity In A Bubble
Cybersecurity
Responding to Emerging Risks and Attack Vectors
Insight on key hacker strategies, response plans and creating a culture that embraces cybersecurity.
April 18, 2024
Ep89
Cybersecurity
Security Breach: Weaponizing Secure-By-Design
How a greater focus on new and legacy OT connections could alter the cybersecurity battlefield.
April 18, 2024
Ap24107471702533
Cybersecurity
Cyberattack Costs Hit UnitedHealth in Q1 That Still Turns Out Better than Expected
UnitedHealth is still restoring several services from the February attack.
April 16, 2024
Siemens Image 1
Cybersecurity
An Automatic Cyber Response Solution
The platform works to isolate and quarantine the infected production equipment during an attack.
April 11, 2024