Half of company boards ‘lack real understanding of cyber threat’
22 January 2016 |
Nearly half of cyber security professionals say their boards of directors have major gaps in their understanding of cyber risk or do not understand it at all, according to a report.
Harvey Nash and PGI Cyber’s survey found that 45 per cent of information security professionals do not believe their boards’ knowledge is up to scratch.
That is despite 54 per cent of boards being ultimately responsible for cyber strategy.
Senior executives are also lagging behind in the eyes of security leaders, with a third believing their CEOs have major cyber security knowledge gaps.
Meanwhile, nearly half say the same of their CFOs and 43 per cent of their CMOs, despite these roles handling large quantities of sensitive company data.
While most cyber professionals feel their organisations have the basics covered, 85 per cent think there is more to do and one 26 per cent believe there is significantly more work to do.
Budget (57 per cent), security awareness (49 per cent) and understanding of the real threat (43 per cent) were the biggest factors holding back cyber strategy.
PGI Cyber managing director Brian Lord said: “Cyber security is as much about people as it is about technology.
“Whilst there is no doubt many boards are asking more questions about cyber security than they did five years ago, it is clear that there is much more to do to make organisations fully aware and prepared for the challenges of an increasingly global and digital world.”
The survey also highlighted ongoing concerns over cyber skills, with 38 per cent of security leaders saying they lack the internal skills to achieve their security strategy.
For more on the survey, see the Harvey Nash website.