Security outfit Dynatrace says there is a pressing necessity for channel partners to furnish solutions that bolster security teams’ communication with C-suite and mitigate cyber risk
In its annual global CISO survey entitled State of C-level engagement in application security 2024, Dynatrace said that such steps will mitigate cyber risk.
The study indicates that organisations grapple with internal communication hurdles, engendering voids in their capacity to discern and address cyber risk. This augments their susceptibility to security threats and carves out an avenue for the channel to provide solutions that bridge these gaps.
The report delves into these communication fissures to glean insights on how solutions fostering a unified stance on observability and security can enhance team collaboration and diminish risk posture.
The report found that 70 per cent of C-suite executives said that security teams articulated in technical jargon were devoid of business context. Conversely, 75 per cent of CISOs thought that the crux of the issue lies in the security tools’ restricted capability to engender insights usable by the CEO and board for comprehending business risk and averting threats. This trend is anticipated to steer customers towards their channel partners to bridge this communication divide and countering the perils posed by AI-induced attacks and advanced cyber threats.
More than 87 per cent of CISOs perceive application security as a blind spot at the CEO and board levels. To underscore the ramifications of this, 72 per cent of CISOs acknowledge their organisation’s encounter with an application security incident within the preceding two years.
CISOs citing frequent repercussions of attacks including affected revenue (47 per cent), regulatory penalties (36 per cent), and eroded market share (28 per cent). These risks magnify the pivotal role of the channel in backing customers by providing tools that unite security teams and C-suite executives in a concerted and efficacious application security strategy.
Dynatrace VP Partner Sales Worldwide Michael Allen said: “A series of notable incidents in recent times have heightened the C-suite’s awareness of cybersecurity risk. This scenario presents a important moment for the channel to enhance customer value by aiding in the closure of the communications rift between security and executive teams.”
The report also found it was imperative to cultivate closer ties with the C-suite is gaining momentum as AI’s ascendancy exposes organisations to heightened risk. CISOs were concerned about AI’s capacity to empower cybercriminals to concoct new exploits with greater celerity and implement them on an expanded scale (52 per cent), and to permit developers to hasten software delivery sans adequate supervision, culminating in increased vulnerabilities (45 per cent).
More than 83 per cent of CISOs assert that DevSecOps automation is paramount to managing the risk of vulnerabilities ushered in by AI use. Moreover, 71 per cent of CISOs deem DevSecOps automation as crucial to ensuring that reasonable measures are in place to minimise application security risk.
However, 78 per cent of CISOs encounter challenges in propelling DevSecOps automation owing to their dependence on a plethora of application security tools. An additional 77 per cent of CISOs lament that extant tools like XDR and SIEM are ill-equipped to handle cloud complexity, as they lack the requisite intelligence to catalyse automation at scale.
Allen said that as organisations use AI, they remain vigilant of the prospects it engenders for themselves and potential infiltrators.
He said that the channel must stand ready to guide their customers through this risk landscape, as many contemporary solutions fall short in keeping pace with the rapid evolution and magnitude of AI-driven threat development.
“To provide a good solution, the channel ought to empower customers to counteract with equivalent force, harnessing AI and automation to bolster intelligent threat detection and response. By providing these capabilities on a unified platform, the channel can confer even greater value, enabling customers to forge a consolidated repository of security insights that buttress DevSecOps automation and effective communication across all organisational strata,” Allen said.