Your Directors Don’t Understand Cyber Threats Endangering Business (£)

Uploaded on 2016-03-14 in Directors Reports

At CSI we have surveyed, reviewed and interviewed directors and we have found that 41 % of IT directors do not have faith in their board’s comprehension of cyber security. However 67% of non-IT Directors we spoke, surveyed and discussed cyber with, say they do not really understand the cyber security issues that are and may affect their business. 

Over forty percent also said that their CEO lacks comprehension of the cyber issues that are and might affect their organisation. 

Nearly 90% of all Board Director think there is a lot more to be done with Cyber Security within their organisation and over 30% say they have not had adequate review and discussions about the subject. 

72% say they have not had any independent reviews or reports about the business’s threat levels and the action that was being taken on a regular basis to counter the attack threats.

This unfortunately does not suggest a way forward that is more secure and regular cyber security audit is recommended, but, at present, these are not a common process.

Over 80% of the organisations interviewed had experienced a cyber security problem in 2015/14 and the IT departments claismed that now they are more secure, however the research in the last quarter of 2015 does not support this position.

One of the major problems going forward is that the organisation’s IT tends to secure itself only against previous types of cyber security issues and does not explore and keep a clearer understanding of the changing cyber-scape and the threat processes being used.

Malware and phishing was the common attacks reported in 2014/15 however ransom-cyber threats have considerably increased in the latter part of 2015 and more of the organisations have not taken this into the on going strategy plans.

Discussions and presentations with staff is vitally important and understanding their levels of security comprehension is very important but many of the organisations were not changing and continually reviewing this process.

The use of different types of security technology by different parts of the organisation without the understanding of the IT department is a wide area of potential problems where the walls and gaps in the security are not being reviewed or sealed. So-called, Shadow IT is a major problem for all organisations that do not clearly engage and understand the security being employed by their own work force.

The problem of rogue employees is a growing problem with businesses that do not listen and understand their employee concerns and issues. Internal attacks have grown considerably and this needs to be taken very seriously by senior management.

 

« Hard Lessons From The Cyberattack On Ukraine
Six Things Every Board Member Should Know About Cyber Security (£) »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Tendo Solutions

Tendo Solutions

Tendo Solutions provides intelligence, security, forensics and risk solutions to clients across different sectors and jurisdictions.

Asigra

Asigra

Asigra provides an industry leading cloud backup and recovery software platform called Asigra Cloud Backup.

Zanasi & Partners

Zanasi & Partners

Zanasi & Partners is a security research and advisory company active in the EU and MENA areas. Services focus on technology solutions.

Cyberhaven

Cyberhaven

Cyberhaven provides rapid enablement for GDPR and CCPA compliance, streamlined data security and modern risk management.

Bl4ckswan

Bl4ckswan

Bl4ckswan is a Management Consulting firm specialized in the delivery of information security and compliance services.

Accredia

Accredia

Accredia is the national accreditation body for Italy. The directory of members provides details of organisations offering certification services for ISO 27001.

Quantstamp

Quantstamp

Quantstamp are experts in Smart Contract Security Audits. We provide verification that your decentralized system works as intended.

Macomb-OU Incubator

Macomb-OU Incubator

Macomb-Oakland University Incubator supports startup and emerging companies in the niche industries of defense, homeland security, advanced manufacturing and technology.

Meriplex

Meriplex

Meriplex is a Managed Services provider specializing in Intelligent Networks, Cybersecurity and Cloud Communications.

Britive

Britive

The Britive Platform is a cloud-native security solution built for the most demanding cloud-forward enterprises.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

C3.ai Digital Transformation Institute

C3.ai Digital Transformation Institute

The C3.ai Digital Transformation Institute is a research consortium dedicated to accelerating the benefits of artificial intelligence for business, government, and society.

HighGround

HighGround

HighGround offer a Cyber Security Solution for everybody, regardless of skillset, to feel empowered in their security experience in reaching Cyber Resilience.

MajorKey Technologies

MajorKey Technologies

MajorKey improves security performance by reducing user friction and business risk, empowering your people, and protecting your IP.

HLB System Solutions

HLB System Solutions

HLB System Solutions: Empowering businesses with proactive IT management, consulting, security, and cloud solutions. Seamless tech for growth!

Tracer

Tracer

Tracer is a next-generation brand protection solution. It constantly finds, analyzes, and stops brand abuse across Web2 and Web3 digital channels.