Only 14% of security and risk management (SRM) leaders can effectively secure organisational data assets while also enabling the use of data to achieve business objectives, according to a survey by Gartner.
While 35% of survey respondents secure data assets and 21% use data to achieve business goals, only one in seven can effectively do both.
The survey was conducted from June through August 2024 among 318 senior security leaders across organizations of different industries and sizes worldwide.
“With only 14% of SRM leaders able to secure their data while supporting business goals, many organizations can face increased vulnerability to cyber threats, regulatory penalties, and operational inefficiencies, ultimately risking their competitive edge and stakeholder trust,” says Nathan Parks, senior specialist: research at Gartner.
Gartner recommends that SRM leaders take five actions to align business needs to data security and successfully achieve both data protection and business enablement goals.
- Reduce governance-related friction for the business by using a well-established process to co-create data security polices and standards with end users and by inviting their feedback.
- Align data-security-related governance efforts by partnering with other internal functions to identify overlaps and synergies.
- Delineate non-negotiable security requirements that must be met by the business when handling previously unknown data security risks.
- Define high-level guardrails around GenAI-related decisions (for example, when to pause or stop a GenAI tool or feature) that allow for business experimentation within set parameters.
- Work jointly with data and analytics (D&A) teams to secure top-down buy-in on data security initiatives.