Understanding Security Gap for Execs

Monday, April 11, 2016 @ 11:04 AM gHale


Security is all about making people or departments accountable.

What remains interesting is 40 percent of executives said they didn’t feel responsible for the impact of a cyber attack and a lack of understanding concerning cyber security could be a contributing factor, a new study found.

RELATED STORIES
Modernization Offers Security Challenges
Insider Threats in All Companies: Report
Hacking Costs on Decline
Patching Tool Under Scrutiny

Cyber security should be something for which all executives feel responsible, according to a study commissioned by endpoint security firm Tanium and NASDAQ. The Accountability Gap: Cybersecurity and Building a Culture of Responsibility asked 1,530 non-executive directors, C-level executives, chief information officers, and chief information security officers from around the world.

The survey found more than 90 percent of corporate executives said they cannot read a cyber security report and do not feel prepared to handle a major attack.

In addition, the report found only 10 percent respondents agreed they are regularly updated with information about the types of cyber security threats to their business.

The survey found only 9 percent said their systems were updated regularly in response to new
cyber threats.

To help executives gain better insight to the cyber security of their firms, they should have meaningful metrics and education on how to interpret this information.

The study also found 98 percent of the high vulnerable executives, which the report defines as those with a low awareness of the actions required to obtain good cyber security, are not confident their organization tracks all devices and users on their system at all times and 87 percent of that same group of executives also said they did not consider their anti-malware solutions or patches to be current.

In order to reduce organizations’ vulnerability and close the accountability gap researchers recommend that firms educate the entire staff, starting with the board on cyber security issues “and innovate continuously with cybersecurity in mind.”

“Open communication and accountability at all levels is key to a successful culture of responsibility, and these actions can serve as a north star for developing a holistic security posture that ensures your people, processes, and technology are set up for success,” the study said.

Click here to register to download the report.