Risk-Based Roadmaps Set Foundation for Cybersecurity Success
By Raef Meeuwisse, CISM, CISA, ISACA expert speaker, and author of “Cybersecurity for Beginners”
And Doug Grindstaff, Senior Vice President of Cyber Security Solutions, CMMI Institute
Security professionals not only suffer from a barrage of cyber threats amid an increasingly complex threat
landscape – they also suffer from a crisis of confidence.
In ISACA’s recently released State of Cybersecurity 2019 research, only 1 in 3 respondents (34 percent)
are highly confident in their organization’s cybersecurity team’s ability to detect and respond to
cyberthreats. This is an alarming data point that reinforces the fundamental shortcomings enterprises are
dealing with when it comes to protecting their mission-critical digital assets.
The reality, though, is enterprises cannot do it all when it comes to security – the threats are too diverse,
too sophisticated and resources are limited. That is why it is essential that organizations take a risk-based
approach to measuring and managing security risks in the context of their business strategy.