Security
Executives tend to feel cybersecurity issues are a problem only for their IT teams
Surprisingly, many executives admit to being completely unaware of the cybersecurity risks faced by their company.
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.
Surprisingly, many executives admit to being completely unaware of the cybersecurity risks faced by their company.
[dropcap]R[/dropcap]unning a business is a huge undertaking for executives. They have to deal with everything from stocks and finances to long-term product planning and marketing goals. But one aspect they’ve been willfully ignorant of? Cybersecurity.
Good cybersecurity protects the vital data on a business’s computers and networks from unauthorized access. This may sound like something that only the government and military needs, but it is actually essential for businesses, hospitals, banks and even the everyday internet user. As recent headlines show, the digital security threats to businesses are mounting, and their ability to counter them isn’t keeping up.
Accountability Gap Revealed
A recent collaboration between Tanium and Nasdaq sought to study business leaders’ awareness of cybersecurity issues and how well-prepared their company is to counter such threats. Their findings cast a sobering light on the state of cybersecurity in the business world. The results, compiled from a world-wide survey of 1,530 business leaders, show an “accountability gap” between leaders and the IT specialists they employ.
The survey measured two major aspects of cybersecurity: awareness and readiness. In terms of awareness, 91% of board members indicated that they can’t interpret a cybersecurity report. Furthermore, only 10% of the most vulnerable leaders are regularly briefed on digital threats to their business.
When asked about readiness, 98% indicated that their business doesn’t track all devices and users on their network at all times. Complicating matters, 87% believed that their antivirus software wasn’t kept up to date at all times.
Perhaps the most shocking statistic to come out of this study? Two out of five leaders stated that they don’t feel responsible for cyber attacks on their company.
Promoting Education
The research conducted by Tanium and Nasdaq shows that modern business executives are woefully out of touch with cybersecurity practices, the legal implications of bad security and their own IT staff. Fortunately, there are ways to educate business leaders without giving them information overload.
Taking the time to teach business leaders about basic cybersecurity and associated legal issues is a good place to start. Business leaders with even a small background in cybersecurity will be better able to relate to their IT team and understand the needs of the company. Comprehension of security reports will be less of an issue, and regular briefs will be more tolerable and informative.
Understanding Accountability
Along with a basic education on cybersecurity, it is important for business leaders to be aware of the legal and financial implications of a data breach. Breaches have the very real possibility of leaking trade secrets and sensitive customer information like Social Security or credit card numbers. For businesses, commercial insurance policies typically provide general liability coverage, but cybercrimes are not covered under this type of insurance. Furthermore, the company could face an extreme loss of stock value and public trust should sensitive information be leaked.
Depending on the nature of the information, lawsuits are a very real possibility as well. Executives need to realize that they are very much responsible for the culture of their company, including digitally. Were a breach to occur, they would be considered responsible in the eyes of the public and shareholders.
Making a Plan
Once leaders are receptive to improving cybersecurity, the business’s vulnerability will decrease. But it is important to remember that no business is completely immune to attacks. It is imperative for leaders to work with their IT teams to develop emergency plans for breaches, data leaks and malware attacks. The more prepared the leaders are, the better a business can weather an incident.
Many executives admit to being completely unaware of the cybersecurity risks faced by their company. However, with a little hard work and promotion of a culture of understanding, executives will be able to see that cybersecurity is a problem for the whole company to tackle — not just IT.