Gartner Survey Reveals Only 14% of Security Leaders Successfully Balance Data Security and Business Objectives

Only 14% of security & risk management (SRM) leaders can effectively secure organisational data assets while also enabling the use of data to achieve business objectives, according to a survey by Gartner, Inc. While 35% of survey respondents secure data assets and 21% use data to achieve business goals, only one in seven can effectively do both. 

The survey was conducted from June through August 2024 among 318 senior security leaders across organisations of different industries and sizes worldwide.

"With only 14% of SRM leaders able to secure their data while supporting business goals, many organisations can face increased vulnerability to cyber threats, regulatory penalties, and operational inefficiencies, ultimately risking their competitive edge and stakeholder trust," said Nathan Parks, Sr Specialist, Research at Gartner.

Gartner recommends that SRM leaders take five actions to align business needs to data security and successfully achieve both data protection and business enablement goals. 

1. Reduce governance-related friction for the business by using a well-established process to co-create data security polices and standards with end users and by inviting their feedback.
2. Align data-security-related governance efforts by partnering with other internal functions to identify overlaps and synergies. 
3. Delineate non-negotiable security requirements that must be met by the business when handling previously unknown data security risks.
4. Define high-level guardrails around GenAI-related decisions (e.g., when to pause or stop a GenAI tool or feature) that allow for business experimentation within set parameters. 
5. Work jointly with data and analytics (D&A) teams to secure top-down buy-in on data security initiatives.

Gartner clients can learn more in "Infographic: 5 Actions to Balance Data Security With Business Enablement."

Learn how CIOs Can Protect the Organisation From Evolving Security Threats in this complimentary Gartner webinar. Click the link to register.

Gartner Security & Risk Management Summit 

Gartner analysts will present the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summits, taking place March 3-4 in Sydney, March 10-11 in India, April 7-8 in Dubai, June 9-11 in National Harbor, MD, July 23-25 in Tokyo, August 5-6 in Sao Paulo and September 22-24 in London. Follow news and updates from the conferences on X using #GartnerSEC.

About Gartner for Cybersecurity Leaders

Gartner for Cybersecurity Leaders equips security leaders with the tools to help reframe roles, align security strategy to business objectives and build programs to balance protection with the needs of the organisation. Additional information is available at https://www.gartner.com/en/cybersecurity/products/gartner-for-cisos.

Follow news and updates from Gartner for Cybersecurity Leaders on X and LinkedIn using #GartnerSEC. Visit the Gartner Newsroom for more information and insights.

 About Gartner

Gartner, Inc. (NYSE: IT) delivers actionable, objective insight that drives smarter decisions and stronger performance on an organisation's mission-critical priorities. To learn more, visit gartner.com.