Senior Managers Need Higher Cyber Security Awareness Than Other Employees

Uploaded on 2023-10-30 in TECHNOLOGY--Resilience, FREE TO VIEW

Cyber security awareness is finally increasing across senior managers, according to data from specialist cyber security training firm, SoSafe. With 50% of companies having been victims of hacking over the last 3 years, cyber risks are more and more present, but 56% of security experts claim their top-level management teams are focusing more on cyber security than they were last year.  

Cyber risk awareness among leadership is also correlated to whether a company has the resources, i.e. headcount and budget, that they need to tackle potential threats. 

According to the data: the organisations where top management are aware of the cyber risks are 67% more likely to have sufficient resources to defend themselves from cyber attacks than in organisations where senior roles are unaware of the threat landscape. Meanwhile, among companies lacking adequate security resources, just 15% of top managers prioritise their security culture.  

According to Psychologist & CEO at SoSafe, Dr Niklas Hellemann, “Management shapes the values of a company, which is why it’s essential for senior leaders to ‘walk the walk’ in cyber risk if they want to nurture strong security cultures... It’s good to see that facing the current cyber threat landscape, the top management awareness is where we need it to be: Cyber security is starting to get a seat at the executive table."

Top managers are becoming more aware of the importance of cyber security and their role model function within organisations. Only with these conditions, employees can succeed at internalising values and secure behaviours around cyber security awareness. 

Despite the need of top management awareness to make cyber security a part of the organisational culture, it’s also necessary from the actual risk perspective: SoSafe’s data reveals that top management is more susceptible to clicking on malicious email links from hackers than their employees are; the average click rate among managers is 60% higher than for other user groups, making them particularly vulnerable to an attacker. 

SoSafe’s data also reveals that senior managers are more likely to report a suspicious email (20%) than employees (8%) are, which again proves that security awareness among top management is rising. 
 
Dr Niklas Hellemann said: “Senior roles are an attractive target for cybercriminals - they have the highest access level and decision-making power, and there’s a strong threat of senior execs being impersonated by hackers with information they’ve provided, for example through CEO fraud or other AI-based attacks. 

“This is why it’s even more vital for those in leadership roles to set an example and be role models for the rest of their team, as well as to protect themselves.” said Hellemann.

You Might Also Read: 

Cyber Security Awareness Training For Management & Employees:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Cyber Risk & Ransomware In 2023
Prime Minister Sunak Identifies The Risks & Potential Of AI »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Landry & Associates

Landry & Associates

Landry & Associates is a multidisciplinary firm specializing in risk management, performance and technology management.

Seclore

Seclore

Seclore is the most advanced, secure, and automated Enterprise Digital Rights Management (EDRM) solution available.

Reblaze Technologies

Reblaze Technologies

Reblaze provides the world’s best security technologies in a cloud-based website security platform.

KIOS Center of Excellence (KIOS CoE)

KIOS Center of Excellence (KIOS CoE)

KIOS carries out top level research in the area of Information and Communication Technologies (ICT) with emphasis on the Monitoring, Control and Security of Critical Infrastructures.

Digital Security

Digital Security

Digital Security is an Ecuadorian company specialized in providing comprehensive information security solutions.

Strata Identity

Strata Identity

Strata is pioneering identity orchestration to unify on-premises and cloud-based authentication and access systems for consistent identity management in multi-cloud environments.

eaziSecurity

eaziSecurity

eaziSecurity has built an eco-system of technology and services that bring enterprise scale security solutions to the SME marketplace.

FCI

FCI

FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Cybersecurity Compliance Enablement Technologies & Services to Financial Services organizations.

BlockSec

BlockSec

BlockSec is dedicated to building blockchain security infrastructure. The team is founded by top security researchers and experiencedexperts from both academia and industry.

EdgeWatch

EdgeWatch

EdgeWatch is a platform that helps information accredited security practitioners discover, monitor, and analyze devices that are accessible from the Internet.

Seedcamp

Seedcamp

Seedcamp identify and invest early in world-class founders attacking large and global markets through disruptive technology in areas including AI, cybersecurity, and Fintech.

V3 Cybersecurity

V3 Cybersecurity

V3 Cybersecurity is a unique company focused on contextualization of security programs from a business perspective. Our mission is to provide enterprise IT Risk Management capabilities.

Buguard

Buguard

Buguard is a multi-award-winning supplier of Application Security Assessments and GRC services.

Cyrex

Cyrex

Cyrex is a Web3 security and development company. Our mastery over decentralized applications, smart contracts and blockchain will keep you secure across Web3.

Zluri

Zluri

Zluri is a cloud-native SaaSOps platform enabling modern enterprises with SaaS Management and Identity Governance.

Flow Security

Flow Security

Enterprises run on data, Flow secures it at runtime. With a runtime-first approach, Flow is a game-changer in the data security space, securing data itself, beyond the infrastructure it resides in.