Dive Brief:
- Most executives remain unprepared for, and even "willfully ignorant," of cybersecurity threats, a new survey from Tanium, NASDAQ and the University of London found, according to a San Francisco Business Times report.
- The survey of more than 1,500 C-level executives from a variety of industries found most aren’t giving cybersecurity enough credence, even though a breach has the potential to seriously harm their business.
- The study also found that 40% of respondents relegated cybersecurity as an IT problem and did not feel responsible for ensuring secure systems.
Dive Insight:
While IT may be the first line of defense, CEOs and other C-suite executives should understand that a breach could damage the entire business, and that they too are ultimately responsible. As an example, following the Target breach, executives were held accountable, according to the Business Times.
A recent report from PricewaterhouseCoopers found information security spending was up 24% between 2014 and 2015. But the increase in spending doesn't always translate into a coordinated, company-wide approach to protection, the study found.
An October report from cybersecurity research firms Ponemon Institute and CounterTack similarly found that 75% of companies surveyed admitted they are unprepared to handle cyber attacks. Half the respondents to the survey said they were taking a "wait and see approach" instead of putting proactive measures into action, though almost two-thirds of companies reported they were increasing their IT/security budgets.
