About 40 per cent of the boards of directors will have a dedicated cybersecurity committee overseen by a qualified board member by 2025, up from less than 10 per cent now, Gartner said on Thursday.
Sydney, About 40 percent of the boards of directors will have a dedicated cybersecurity committee overseen by a qualified board member by 2025, up from less than 10 percent now, Gartner said.
Cybersecurity-related risk is rated as the second-highest source of risk for an enterprise, following regulatory compliance risk, according to the Gartner 2020 Board of Directors Survey.
However, relatively few directors feel confident that their company is properly secured against a cyberattack.
“To ensure that cyber risk receives the attention it deserves, many boards of directors are forming dedicated committees that allow for discussion of cybersecurity matters in a confidential environment, led by someone deemed suitably qualified,” Sam Olyaei, Research Director at Gartner, said in a statement.
“This change in governance and oversight is likely to impact the relationship between the board and the chief information security officer (CISO).”
While CISOs should experience more scrutiny as a result, they are also likely to receive more support and resources, according to Gartner.
CISOs must expect executive conversations to shift away from performance and health-related discussions to risk-oriented and value-driven exercises.
Gartner also predicts that by 2024, 60 percent of CISOs will establish critical partnerships with key executives in sales, finance, and marketing, up from less than 20 percent today.