Story image

Fortune 500 companies failing to demonstrate cybersecurity commitment - Bitglass

03 Oct 2019
Twitter
Facebook

CASB company Bitglass has released findings from its latest report, The Cloudfathers: An Analysis of Cybersecurity in the Fortune 500.

To uncover whether the world’s companies are committed to enhancing their cybersecurity initiatives, Bitglass researched the members of the 2019 Fortune 500 and analysed public-facing information such as what is available on their websites.

The Cloudfathers report found that 77% of the Fortune 500 make no indication on their websites about who is responsible for their security strategy.

Additionally, 52% do not have any language on their websites about how they protect the data of customers and partners (beyond a legally required privacy notice).

The results demonstrate that most organisations lack an authentic, lasting commitment to cybersecurity, with certain industries being less security-conscious than others.

As breaches continue to cost brands millions, incite executive turnover, decrease stock prices and harm countless stakeholders, it is crucial that organisations appoint relevant leadership and prioritise proper cybersecurity.

Other Key Findings:

  • 38% of the 2019 Fortune 500 do not have a chief information security officer (CISO).
  • Of this 38%, only 16% have another executive listed as responsible for cybersecurity strategy, such as a vice president of security.
  • Of the 62% that do have a CISO, only 4% have them listed on their company leadership pages.

Most security-conscious industries in the Fortune 500:

  • The transport industry is the most security-conscious vertical, with 57% of its companies listing an executive as responsible for cybersecurity strategy. The aerospace industry (33%) and the insurance industry (30%) come in second and third, respectively.
     
  • 89% of organisations in the aerospace industry have information available on their websites about how they are protecting the data of customers and partners. Aerospace is followed by finance (72%) and technology (66%).

Least security-conscious industries in the Fortune 500:

  • No hospitality companies list an executive who is responsible for cybersecurity strategy. The manufacturing and telecommunications industries follow closely behind at 8% and 9%, respectively.
     
  • Within each of the construction, oil and gas, and hospitality industries, only 25% of organisations have information on their websites about how they protect customer and partner data.

“Corporate social responsibility initiatives have made it on to the websites of the Fortune 500, but research has shown that the same level of importance is not being given to publicly demonstrating commitment to cybersecurity initiatives,” says Bitglass chief technology officer Anurag Kahol.

“Lax security and its resulting breaches have long-term repercussions for organisations as well as their customers, shareholders, partners and other stakeholders.

“Members of the Fortune 500 should be focused just as much on protecting personal data and consumer privacy as they are on other areas of social responsibility,” he adds.

Story image
07 Nov
Qualtrics extends BrandXM to enable better business-customer relationships
Qualtrics has added new capabilities to BrandXM, a solution designed to enable organisations to have greater control over how consumers experience and interact with their brand.More
Story image
Yesterday
Verizon rolls out new field service management solution
“Verizon Connect Field Service Dispatch provides a simplified approach to managing drivers, technicians and jobs. This enables customers to streamline business processes, efficiently schedule jobs and improve customer service - all from one pane of glass.”More
Story image
12 Nov
Dynatrace doubles cluster capacity and adds more options for enterprise
Dynatrace has doubled the capacity of a Dynatrace cluster enabling it to scale up to 50K hosts while maintaining system performance. More
Story image
13 Nov
Big Tech firms dominating internet choices
"While people benefit from big tech's products and services, they are clearly concerned about associated security and privacy threats, and they also want more choice."More
Story image
Yesterday
DXC Technology & VMware team up on IaC cloud platform
“By combining VMware’s hybrid cloud offerings with DXC cloud services and industry expertise, DXC Managed Multi-Cloud Services powered by VMware gives IT the ability to rapidly deploy a universal management experience across all cloud environments."More
Link image
Whitepaper: Gartner highlights the 12 frontiers of edge computing
By year-end 2023, more than 50% of large enterprises will deploy at least six edge computing use cases deployed for IoT or immersive experience.More