CEO disconnect between cyber security perception and reality; report

CEO disconnect between cyber security perception and reality; report
Ray Rothrock: "CEOs are underestimating their companies' cyber vulnerabilities."
Published: 11 January 2017 - 12:31 p.m.
By: Aasha Bodhani

Cybersecurity analytics firm RedSeal has revealed that there is a disconnect between CEOs confidence in cyber defence strategies and actual results.

The survey, which is based on 200 CEOs from various industries, such as technology, finance, manufacturing, government and retail, discovered that 80% of CEOs are confident in their company's cybersecurity strategies, regardless of the fact that security incidents have increased by 66% year-on-year since 2009.

Ray Rothrock, chairman and CEO of RedSeal said: "CEOs are underestimating their companies' cyber vulnerabilities. Their confidence does not square with what we observe. Cyber-attacks are up and financial losses associated with these attacks are increasing dramatically."  

The RedSeal study also found that half of the CEOs still prioritise keeping hackers out of the network, versus just 24% who were concerned with building capabilities to deal with hackers who have successfully breached their network's perimeter defences.

"The new cyber battleground is inside the network, not at the perimeter," added Rothrock. "Firewalls, virus detectors, and malware scans are required to keep out 99% of the bad guys, but the 1% who get in can cripple a firm, critical infrastructure or a government agency."

Furthermore, the study highlighted that while 87% of CEOs agree that they require a better way to measure the effectiveness of their cyber investments, 84% will increase spend next year, despite security budgets being high. Another problem faced is the lack of timeliness, 90% of CEOs say they want daily information about their cybersecurity posture and network's overall health, external threat level, and the resilience of the network.

Plus, 79% of CEOs strongly agree that cybersecurity is a strategic function that starts with executive leadership versus being a responsibility passed on to the IT team, 89% of these same CEOs report reliance on their IT team to make the budget decisions on cybersecurity.

Click here to add your comment

Please add your comment below
Your email address will not be published