Can a data breach or a hack on your enterprise turn customers away? Unfortunately, the answer is a resounding yes. A recent study conducted by technology researcher Forrester on behalf of cyber risk management provider BitSight proves it. However, it also demonstrates what your enterprise can do to facilitate customer trust: improved security reporting.
This study—“Better Security and Business Outcomes with Security Performance Management”—surveyed over 200 American and British security leaders; in part, it inquired about their security performance management and measurement strategies. Forrester and BitSight found:
- Around 38 percent stated that a real or perceived lack of security performance turns customers away or otherwise causes lost business.
- Nearly half said attracting customers became more difficult in the wake of a security incident.
- Meanwhile, 79 percent reported an increased demand for cybersecurity reporting among customers and partners. Yet only 34 percent said they actually provide metrics which accurately measure security performance.
Can You Prevent Lost Customers With Better Security Reporting?
“Better Security and Business Outcomes with Security Performance Management” found nearly three-fourths of security leaders state improved security performance measurements can improve enterprise financial performance. Additionally, 81 percent said improved security reporting can also improve company reporting.
So how can you improve your own security reporting before you turn customers away? According to the report, you can begin by providing context for your security performance metrics. Simply stating the threats blocked and incidents prevented means little; you need to formalize them with context so customers can understand the persistence of the threats, their seriousness, and what they targeted. Also, your customers and investors should know what actions your security team took to prevent the threats.
Fortunately, next-generation SIEM solutions can provide your enterprise with updated security reporting. In fact, SIEM began life as a regulatory compliance solution, but it can also help you generate reports for customers; these reports can provide the context so many enterprises lack in their reports.
Moreover, SIEM can provide your enterprise with vital capabilities like log management, threat detection, and threat intelligence. You can learn more in our 2019 SIEM Buyer’s Guide or our 2019 SIEM Vendor Map. You can also find the “Better Security and Business Outcomes with Security Performance Management” report here.