dcsimg
 
 
 
 
 
 

Why CEOs Are in the Dark About Cyber-Security

 
 
By Karen A. Frenkel  |  Posted 12-28-2015 Email
 
 
 
 
 
 
 
  • Previous
    Why CEOs Are in the Dark About Cyber-Security
    Next

    Why CEOs Are in the Dark About Cyber-Security

    Despite the growing threat of cyber-crime, support for cyber-security programs at the executive level is lacking, according to a recent survey.
  • Previous
    CEOs Are Not Briefed Regularly on Cyber-Security
    Next

    CEOs Are Not Briefed Regularly on Cyber-Security

    One-third of CEOs are still not regularly briefed on cyber-security issues and related business risks.
  • Previous
    Management Does Not Regularly Receive Security Reports
    Next

    Management Does Not Regularly Receive Security Reports

    43% of management teams do not regularly receive security status reports.
  • Previous
    Detection Metrics Considered Effective
    Next

    Detection Metrics Considered Effective

    59% of respondents say threat detection metrics are the most effective for measuring security effectiveness, however, 79% still provide compliance and audit findings to their CEOs and other executives.
  • Previous
    Security Awareness Varies According to Industry
    Next

    Security Awareness Varies According to Industry

    Executive visibility into security program effectiveness depends on the industry in which they work: 72% of respondents in financial services and 70% in health care say they regularly provide executives with reports and metrics.
  • Previous
    More on Industry Variation
    Next

    More on Industry Variation

    Only 50% of respondents in manufacturing, hospitality, transportation and non-profit industries regularly provide reports and metrics to their executive teams.
  • Previous
    Inadequate Budgets Hamper Security
    Next

    Inadequate Budgets Hamper Security

    75% of respondents cite budgeting issues as the primary barrier to improving cyber-security.
  • Previous
    Lack of Expertise Is a Barrier
    Next

    Lack of Expertise Is a Barrier

    There is a growing cyber-security skills gap. 50% of respondents say lack of expertise is a primary barrier to cyber-security.
  • Previous
    Endpoint and Privileged Account Security Are Top Priorities
    Next

    Endpoint and Privileged Account Security Are Top Priorities

    Endpoint security and privileged account security are the top two organizational security priorities for 2016, according to respondents.
 

A new study about the gap between executive awareness and enterprise security finds that the majority of IT security professionals believe CEOs make decisions with little regard to security. IT security pros also believe management teams are not regularly briefed on cyber-security issues. The survey, commissioned by cyber-security company CyberArk, was conducted by Dimensional Research and captured the opinions of 308 IT security professionals worldwide. The goal was to capture hard data on visibility and support for security programs at the executive level and determine which metrics are used to define security effectiveness. "Compliance does not equal security. It can lull a CEO into a state of complacency because all it demonstrates is the simple checking of a box without context for responsible levels of information protection," said John Worrall, chief marketing officer of CyberArk. "Security professionals are briefing executives on the wrong information. They need to arm their CEOs and executive teams with information that matters, such as threat detection risks versus compliance and system availability."

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that cioinsight.com may send you cioinsight offers via email, phone and text message, as well as email offers about other products and services that cioinsight believes may be of interest to you. cioinsight will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit