Business Leaders Conflicted About Cybersecurity


Trend Micro has released new research revealing that while Australian organisations plan to increase cybersecurity budgets in 2023, business leaders hold conflicting views on the function.

Mick McCluney, Technical Director, ANZ at Trend Micro: “If organisations want to make the most of their security investments, business leaders must reframe their view of cybersecurity – to think more broadly about how it can positively impact the enterprise. This research shows it’s clearly a critical component of winning new business and talent. At a time when every dollar/penny counts, it’s concerning to see stereotyped views of security persist at the very top.”

Most (89%) IT decision-makers (ITDMs) respondents say they plan to increase security investment in 2023.

However, the research also reveals critical gaps in business decision-makers’ (BDMs) understanding of the relationship between cybersecurity and other parts of the organisation.

On the one hand, more than half (52%) claim cybersecurity is a necessary cost but not a revenue contributor, while a similar share (43%) argue that its value is limited to attack/threat prevention. Nearly a fifth (38%) even see security as a barrier rather than a business enabler.

However, on the other hand, 71% worry that a lack of cybersecurity credentials could impact their ability to win new business – with almost a fifth (15%) admitting it already has. This comes as more than two-thirds (69%) of BDMs admit they’re being asked about security posture in negotiations with prospects and suppliers. And 74% say these requests for information are increasing in frequency.

This apparent contradiction in attitudes is laid bare by another finding. Despite prospects and suppliers clearly prioritising security in negotiations, only 43% of BDMs perceive there to be a strong or very strong connection between cyber and client acquisition/satisfaction.

Talent acquisition is another area where there are clear gaps in BDMs’ understanding of the interconnectivity between cybersecurity and the rest of the business.

Nearly three-quarters (69%) of respondents claim that the ability to work from anywhere has become vital in the battle for talent. Yet only around one-third understand the strong connection between cybersecurity and employee retention (30%) and talent attraction (37%).

That’s despite respondents recognising the impact of cyber on the employee experience:

  • 82% say current security policies have affected remote employees’ ability to do their jobs (eg. network and information access issues, and slowing the pace of work)
  • 38% say current security policies place restrictions on employees’ ability to work from anywhere
  • 60% say current policies restrict what devices/platforms employees can choose to use

You can read the full report here.