A high percentage of organizations are exposed to avoidable cyber-risk because of a persisting tendency to put business interests ahead of safety, a new study by Tanium shows.
The security vendor surveyed some 500 CIOs and CISOs from companies with more than 1,000 employees about the challenges and trade-offs they face in protecting their organizations against cyberthreats.
Almost all respondents (94%) admitted to making security compromises to accommodate business priorities. Eighty-one percent, for instance, said they had on at least one occasion delayed deploying a critical security update or patch because of concerns over the potential impact to business operations. Fifty-two percent admitted to doing so on more than one occasion.
“Another common area of compromise is network segmentation,” says Ryan Kazanciyan, chief technology officer at Tanium. Security practitioners often want micro-segmentation and strict device isolation to contain breach fallout, while endpoint and network teams tend to fall back to overly…