In Gartner’s latest quarterly Emerging Risks Report, 110 senior executives in risk, audit, finance and compliance at large global organizations identified cloud computing as the top concern for the second consecutive quarter. Additional information security risks, such as cybersecurity disclosure and GDPR compliance, ranked among the top five concerns of the executives surveyed.
The top two fast-moving, high-impact risks — those which have the ability to cripple an organization quickly — are also related to information security threats. Social engineering and GDPR compliance were cited as most likely to cause the greatest enterprise damage if not adequately addressed by risk management leaders, according to Gartner. However, only 18 percent of the cross-functional executives surveyed currently considered social engineering to be a significant enterprise risk.
Executives should expect cybersecurity threats to affect organizations in unpredictable ways. Through 2022, at least 95 percent of cloud security failures will be the fault of the organization, according to Gartner. As more sophisticated tactics such as social engineering are engineered to compromise sensitive data, organizations should expand their cybersecurity team to address evolving digital risks.
“Executives are right to expand cloud services as part of their digital business initiatives, but they need to ensure their cloud security strategy keeps up with this growth,” said Matthew Shinkman, practice leader at Gartner. “Leaders should start by clearly identifying their most at-risk areas, which remain obscure to many large organization leaders.”
Increased Adoption Brings New Risks
Gartner forecasts cloud computing to be a $300 billion business by 2021, as companies increasingly adopt cloud services to realize their desired digital business outcomes. Through the use of cloud services, cloud computing provides the speed and agility that digital business requires. Adopting the cloud can also result in significant cost savings and generate new sources of revenue.
Results from Gartner’s Emerging Risks Report, however, reveal that companies continue to struggle with security. Despite record spending on information security in the last two years, organizations have lost an estimated $400 billion to cyber theft and fraud worldwide. As cybersecurity events and data breaches increase, it is imperative that organizations elevate IT security to a board-level topic and an essential part of any solid digital business growth strategy.
“Executives should promote risk awareness throughout the organization,” Shinkman stated. “A strong risk culture helps employees make the right decisions and mitigates poor outcomes.”