There appears to be a growing gap in communication on a key issue facing most companies – an issue that could result in a massive hit to your bottom line.
A new survey finds that more than a third of CEOs aren’t being briefed on cybersecurity by their IT team.
The Dimensional Research and CyberArk survey found IT’s having a difficult time relaying the security picture to the top brass.
Thirty-six percent said C-level execs weren’t regularly briefed on cybersecurity, defense strategy and business risks.
As a result:
- 61% said they didn’t believe their execs had enough knowledge on cybersecurity
- 53% said C-level decisions weren’t made with cybersecurity in mind, and
- 60% said their current security defenses were likely exploitable.
There was a time when almost no security pros had a seat at the table in companies, but these findings underscore at some of the best organizations, this kind of access is expected these days.
Could be improved
The reasons these executives lack security knowledge varied, according to the survey.
Respondents said their execs lacked IT understanding because:
- the information was too technical (69%)
- execs had delegated responsibility for security to someone else (52%)
- execs didn’t grasp the severity of security risks (44%)
- security wasn’t seen as strategically important (37%), and
- execs simply weren’t interested (28%).
As a result, 53% of those surveyed said they wound up with a mixed message: Higher-ups consistently voiced support for security, but getting it into the budget was a struggle.
Think your firm is in a similar communication crisis?