Businesses are being warned that fragmented cyber-governance and risk management structures are increasing compliance, operational and cybersecurity exposure across the enterprise.
According to Ryan Boyes, Senior Security Administrator, Galix, many organisations still treat cyber-governance as a separate IT discipline rather than integrating it into broader enterprise risk management frameworks.
Boyes argued that this siloed approach limits visibility into how risks intersect across departments and makes it more difficult for executives to assess overall business exposure consistently.
“Across many organisations, cyber-governance is still treated as a parallel discipline to enterprise risk management rather than a core component of it,” said Boyes.
The warning comes as businesses face increasing pressure from regulators, customers and third parties to demonstrate stronger governance, consistent risk measurement and effective information management practices.
Boyes said organisations often manage risks independently across departments such as finance, HR, safety and information security, creating inconsistencies in how threats are measured and…
