New Research Identifies Oversight Practices Correlated With Effective Cybersecurity Outcomes

Written by Jeff Barnett

In the last few years, boards have rushed to incorporate cyber risk into their overall risk management duty without really knowing how effective those efforts have been. For the first time, Diligent and Bitsight have partnered to measure how well board-level effort translates into reduced cyber risk for the company.

A recent groundbreaking study from Diligent and Bitsight sheds light on the significant impact of cybersecurity on organizational success, revealing compelling insights that underscore the imperative for robust cyber risk management. Key findings include:

  1. Companies that are cyber-secure deliver higher financial performance than their peers
  2. Companies with specialized risk or audit committees have better cybersecurity performance
  3. Highly regulated industries outperform other industries in cybersecurity performance

To obtain a deeper understanding of how cybersecurity is driving shareholder returns and organizational excellence, read the study.

Cybersecurity: A Strategic Imperative

For the first time, we have quantitative measurements showing what board practices actually create optimal cyber oversight. The study reveals a stark contrast in shareholder returns between companies with advanced cybersecurity performance and their peers with basic security measures. Companies demonstrating advanced cybersecurity prowess enjoy a staggering 372% higher shareholder return compared to their counterparts. This finding underscores the pivotal role of cybersecurity as a strategic imperative rather than merely an IT concern.

Board Oversight: The Key to Enhanced Cybersecurity Performance

One of the most striking revelations of the study is the correlation between board oversight practices and cybersecurity performance. Companies with specialized risk or audit committees exhibit superior cybersecurity performance compared to those without such structures in place. This underscores the critical importance of board engagement and oversight in driving effective cyber risk management practices.

Moreover, the presence of cybersecurity experts on either audit or specialized risk committees significantly enhances security performance. This underscores the need for direct involvement of cybersecurity experts in board-level discussions and decision-making processes.

Industry Insights: The Healthcare and Financial Sectors Lead the Way

The study also delves into industry-specific trends, revealing that highly regulated sectors such as healthcare and financial services boast the highest cybersecurity ratings. This underscores the stringent regulatory requirements driving robust cybersecurity measures in these industries. Conversely, the communications sector lags behind, highlighting the need for greater emphasis on cybersecurity in traditionally less regulated sectors.

The Role of Cyber Risk Management in Driving Organizational Excellence

In today's interconnected business landscape, cyber risk management is not just a defensive strategy; it's a cornerstone of organizational excellence. Market-leading companies prioritize cyber risk management, leveraging clear benchmarks and actionable insights to stay ahead of evolving threats. As Derek Vadala, Chief Risk Officer at Bitsight, aptly puts it, "Cyber risk is a key component of business performance."

Moving Forward: Empowering Organizations for Success

As organizations navigate an increasingly complex cyber threat landscape, it's imperative to equip leaders with the tools and insights needed to drive effective cyber risk management. Diligent and Bitsight are at the forefront of empowering organizations with market-leading cyber risk data and insights, enabling boards and executive teams to make informed decisions that drive shareholder value and organizational resilience.

In conclusion, the findings of the Diligent and Bitsight study underscore the critical importance of cybersecurity as a strategic imperative for organizations across industries. By prioritizing cyber risk management and fostering strong board oversight practices, companies can not only mitigate risks but also unlock new opportunities for growth, innovation, and sustained success in today's digital age.


Leverage this joint research between Bitsight and Diligent to help you benchmark your security program and to better inform your strategy with the latest cyber performance insights.