Lancaster University research urges firms to prioritise employee wellbeing for responsible cybersecurity
New Resilience analysis finds biggest blind spot is third-party risk
CISO news
Lancaster University research urges firms to prioritise employee wellbeing for responsible cybersecurity
ew research led by Lancaster University into‘ responsible’ cybersecurity suggests the wellbeing of those in
N cybersecurity roles should be a key consideration for firms’ security strategies due to the level of burn out amongst those in high-pressure roles.
The new study is based on 20 in-depth interviews with senior cybersecurity professionals from a range of organisations and sectors. Researchers use their findings to outline a new model for organisations to follow that illustrates the multiple layers of cybersecurity required in a modern firm.
Using responses and insights from the participants who had between five and 30 years’ experience in the cybersecurity sector, the research team, identifed five different‘ layers’ of responsible cybersecurity needed for an organisation to act responsibly and be adequately protected.
Niki Panteli, Professor of Digital Business at Lancaster University Management School. said:“ Our study highlights interesting findings for the cybersecurity sector to consider but perhaps the most concerning is the level of burnout that was reported amongst our interviewees and the risks this presents to not only individuals’ health, but that of organisations and wider society.
“ Our data suggests that if firms want to act responsibly with their cybersecurity, there is a pressing need to foster a culture that prioritises employee wellbeing and a work-life balance, so that cybersecurity professionals can perform at their best without compromising their health.”
New Resilience analysis finds biggest blind spot is third-party risk
Buoyed by interconnected systems and reliance on ubiquitous software vendors, third-party risk has quietly taken centre stage as one of the industry’ s most insidious threats. Today’ s enterprises must not only stay abreast of their own security posture, but that of their partners too – or risk catastrophic losses.
Threat actors have a track record of exploiting a single point of failure in one company to create a cascading effect of disruption and chaos downstream.
New cyberinsurance claims data from Resilience’ s portfolio illustrates the financial fallout of this domino effect, finding that third-party risk, including ransomware and outages affecting vendors, accounted for 31 % of all claims in 2024.
“ Third-party risk isn’ t only making headlines – it’ s driving unprecedented losses. While this risk is often invisible until it’ s too late, it’ s now clear that the industry has reached a tipping point,” said Vishaal‘ V8’ Hariprasad, Co-Founder and CEO of Resilience. hird-party risk emerged as a dominant driver of cyberinsurance claims and material losses in 2024,
T new data from leading cyber-risk solutions company Resilience found.
“ Businesses can no longer afford to consider their partners’ vulnerabilities as siloed from their own. By understanding this new reality of shared risk, enterprises can make smarter business decisions and meaningfully mitigate material loss.”
WWW. INTELLIGENTCISO. COM 7