Why CEOs Are in the Dark About Cyber-Security

Why CEOs Are in the Dark About Cyber-Security

Why CEOs Are in the Dark About Cyber-Security

Despite the growing threat of cyber-crime, support for cyber-security programs at the executive level is lacking, according to a recent survey.

CEOs Are Not Briefed Regularly on Cyber-Security

One-third of CEOs are still not regularly briefed on cyber-security issues and related business risks.

Management Does Not Regularly Receive Security Reports

43% of management teams do not regularly receive security status reports.

Detection Metrics Considered Effective

59% of respondents say threat detection metrics are the most effective for measuring security effectiveness, however, 79% still provide compliance and audit findings to their CEOs and other executives.

Security Awareness Varies According to Industry

Executive visibility into security program effectiveness depends on the industry in which they work: 72% of respondents in financial services and 70% in health care say they regularly provide executives with reports and metrics.

More on Industry Variation

Only 50% of respondents in manufacturing, hospitality, transportation and non-profit industries regularly provide reports and metrics to their executive teams.

Inadequate Budgets Hamper Security

75% of respondents cite budgeting issues as the primary barrier to improving cyber-security.

Lack of Expertise Is a Barrier

There is a growing cyber-security skills gap. 50% of respondents say lack of expertise is a primary barrier to cyber-security.

Endpoint and Privileged Account Security Are Top Priorities

Endpoint security and privileged account security are the top two organizational security priorities for 2016, according to respondents.