Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Survey Highlights Communications Levels Between Security Pros and Executives

A new survey by the Ponemon Institute suggests that the walls between IT and the business side of the house have not fully come down.

According to a survey of nearly 5,000 IT security professionals around the globe, 31 percent of cyber-security teams never speak with their executive team about cyber-security. Of those that did, 23 percent did so annually. Only one percent spoke to executives weekly, while 11 percent did so quarterly.

A new survey by the Ponemon Institute suggests that the walls between IT and the business side of the house have not fully come down.

According to a survey of nearly 5,000 IT security professionals around the globe, 31 percent of cyber-security teams never speak with their executive team about cyber-security. Of those that did, 23 percent did so annually. Only one percent spoke to executives weekly, while 11 percent did so quarterly.

The survey – which was sponsored by Websense – fielded answers from security practitioners from 15 countries, including Australia, China, Germany and the United States. On average, each of the respondents had 10 years of experience in the field.

“This Ponemon Institute security survey highlights that a lack of communication, education and inadequate security systems is making it possible for cybercriminals to attack organizations across the globe,” said John McCormack, Websense CEO, in a statement.

Fifty-two percent said their companies do not provide cyber-security education to their employees, and only four percent plan to do so in the next 12 months. Only 38 percent believe their company is investing enough in personnel and technologies to be effective in executing its cyber-security objectives.

The biggest fears of the respondents were related to advanced persistent threats and the exfiltration of intellectual property. In fact, theft of IP (67 percent) and customer data (53 percent) were most often cited as the events that participants felt would compel their executive teams to spend more money on security initiatives. Twenty-nine percent said they would do a complete overhaul of their current enterprise security system if they had the money.

According to the survey, 42 percent of respondent said their organizations have undergone a cyber-threat modeling process. Ninety-four percent of those that did said they found it to be important for managing cyber-risk.

“Advanced persistent threats and data exfiltration attacks rank the top fears for IT security professionals,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, in a statement. “These fears manifest because they believe their technology is in need of an overhaul and there is a widening gap in the knowledge and resource sharing among IT security professionals and executive staff. Encouragingly, the survey revealed plans for technology and education investment in place for the future.”

A complete copy of the report, including survey methodology, consolidated results and individual response rates by country can be read here.

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.