Security leaders fail to balance data security and business objectives

While 35% of survey respondents secure data assets and 21% use data to achieve business goals, only one in seven can effectively do both.

The survey was conducted from June through August 2024 among 318 senior security leaders across organisations of different industries and sizes worldwide.

“With only 14% of SRM leaders able to secure their data while supporting business goals, many organisations can face increased vulnerability to cyber threats, regulatory penalties, and operational inefficiencies, ultimately risking their competitive edge and stakeholder trust,” said Nathan Parks, Sr Specialist, Research at Gartner.

Gartner recommends that SRM leaders take five actions to align business needs to data security and successfully achieve both data protection and business enablement goals.

1. Reduce governance-related friction for the business by using a well-established process to co-create data security polices and standards with end users and by inviting their feedback.

2. Align data-security-related governance efforts by partnering with other internal functions to identify overlaps and synergies.

3. Delineate non-negotiable security requirements that must be met by the business when handling previously unknown data security risks.

4. Define high-level guardrails around GenAI-related decisions (e.g., when to pause or stop a GenAI tool or feature) that allow for business experimentation within set parameters.

5. Work jointly with data and analytics (D&A) teams to secure top-down buy-in on data security initiatives.