Cybersecurity analytics firm RedSeal has revealed that there is a disconnect between CEOs confidence in cyber defence strategies and actual results.
The survey, which is based on 200 CEOs from various industries, such as technology, finance, manufacturing, government and retail, discovered that 80% of CEOs are confident in their company's cybersecurity strategies, regardless of the fact that security incidents have increased by 66% year-on-year since 2009.
Ray Rothrock, chairman and CEO of RedSeal said: "CEOs are underestimating their companies' cyber vulnerabilities. Their confidence does not square with what we observe. Cyber-attacks are up and financial losses associated with these attacks are increasing dramatically."
study also found that half of the CEOs still prioritise keeping hackers out of
the network, versus just 24% who were concerned with building
capabilities to deal with hackers who have successfully breached their
network's perimeter defences.
cyber battleground is inside the network, not at the perimeter," added
Rothrock. "Firewalls, virus detectors, and malware scans are required to keep
out 99% of the bad guys, but the 1% who get in can cripple a firm, critical
infrastructure or a government agency."
the study highlighted that while 87% of CEOs agree that they require a better
way to measure the effectiveness of their cyber investments, 84% will increase
spend next year, despite security budgets being high. Another problem faced is the
lack of timeliness, 90% of CEOs say they want daily information about their
cybersecurity posture and network's overall health, external threat level, and
the resilience of the network.
Plus, 79% of CEOs strongly agree that cybersecurity is a strategic function that starts with executive leadership versus being a responsibility passed on to the IT team, 89% of these same CEOs report reliance on their IT team to make the budget decisions on cybersecurity.