Gartner Survey Highlights Challenge: Only 14% of Security Leaders Balance Data Security and Business Priorities

February 11, 2025: Only 14% of security & risk management (SRM) leaders can effectively secure organizational data assets while also enabling the use of data to achieve business objectives, according to a survey by Gartner, Inc. While 35% of survey respondents secure data assets and 21% use data to achieve business goals, only one in seven can effectively do both.

The survey was conducted from June through August 2024 among 318 senior security leaders across organizations of different industries and sizes worldwide.

“With only 14% of SRM leaders able to secure their data while supporting business goals, many organizations can face increased vulnerability to cyber threats, regulatory penalties, and operational inefficiencies, ultimately risking their competitive edge and stakeholder trust,” said Nathan Parks, Sr Specialist, Research at Gartner.

Gartner recommends that SRM leaders take five actions to align business needs to data security and successfully achieve both data protection and business enablement goals.

1. Reduce governance-related friction for the business by using a well-established process to co-create data security polices and standards with end users and by inviting their feedback.
2. Align data-security-related governance efforts by partnering with other internal functions to identify overlaps and synergies.
3. Delineate non-negotiable security requirements that must be met by the business when handling previously unknown data security risks.
4. Define high-level guardrails around GenAI-related decisions (e.g., when to pause or stop a GenAI tool or feature) that allow for business experimentation within set parameters.
5. Work jointly with data and analytics (D&A) teams to secure top-down buy-in on data security initiatives.

Gartner clients can learn more in “Infographic; 5 Actions to Balance Data Security With Business Enablement.”

Learn how CIOs Can Protect the Organization From Evolving Security Threats in this complimentary Gartner webinar. Click the link to register.

Gartner Security & Risk Management Summit

Gartner analysts will present the latest research and advice for security and risk management leaders at the Gartner Security & Risk Management Summits, taking place March 3-4 in Sydney, March 10-11 in India, April 7-8 in Dubai, June 9-11 in National Harbor, MD, July 23-25 in Tokyo, August 5-6 in Sao Paulo and September 22-24 in London. Follow news and updates from the conferences on X using #GartnerSEC.