CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your survey with us: editor@corporatecomplianceinsights.com.
C-suite cybersecurity disconnect puts business value at risk
A significant gap in cybersecurity perception between chief information security officers and other C-suite executives is leaving organizations vulnerable to threats, according to new research from EY. The survey of 800 US C-level executives found 84% of organizations experienced a cybersecurity incident in the past three years, with affected Russell 3000 companies typically seeing a 1.5% stock price decrease over the following 90 days.
Two-thirds of chief information security officers (CISOs) worry that cybersecurity threats are more advanced than their defenses, significantly more than their C-suite counterparts (56%). This perception gap extends to the source of threats, with CISOs more likely to attribute incidents to cybercriminals (57% vs. 47% of other executives) and inside threats (47% vs. 31%).
The research also reveals disagreement about what’s working in cybersecurity, with CISOs more likely to attribute decreased incidents to AI investments (75% vs. 68%), while other executives favor employee training (77% vs. 69% of CISOs).
Other key…
