CEOs still don't get cyber security

CEOs still don't get cyber security, study finds
by Doug Drinkwater
 
A new study reveals that boardroom executives are still unaware of cyber threats, much to the chagrin of those working in information security.
In the first of a two-party study sponsored by Websense, Ponemon Institute surveyed 4,881 experienced IT and IT security practitioners across 15 countries across the world, and found that not only were C-level executives unaware of the security risks, but that infosec practitioners themselves were finding it hard to keep up with cyber-criminals.
Approximately 80 percent of respondents said that their company's leaders "do not equate losing confidential data with a potential loss of revenue", despite Ponemon indicating that the average cost of an organisational data breach is approximately £3.2 million ($5.4 million). In addition, just under half of global respondents (52 percent in the UK) said that their board-level execs had a subpar understanding of security issues. Although this number has not been measured in previous studies, analysts believe that “cyber security awareness has most likely increased over the last few years".
Despite this, Websense EMEA strategist Neil Thacker admitted that there is work to be done in order to get C-level onside with cyber security. "I see a lot of professionals in the dark at the moment," he said generally, an observation backed up by the report's finding that less than half (41 percent) of respondents (35 percent in the UK) believe they have a good understanding of the threat landscape. "We need to bring them out [of the dark] so they understand what the latest threats are", he added.
 
Full Article