Only 1 in 7 security chiefs report to the CEO
While 82% of company boards worldwide are concerned or very concerned about cybersecurity, few security chiefs report directly to the CEO, according to a study by ISACA and RSA Conference.
The global study of security industry professionals shows that only 14% of CISOs report to their CEO, and 7% report to the board, indicating a continuing gap between the beliefs and actions of board members in terms of cybersecurity.
Instead, 63% of CISOs report to the CIO, the research shows. The report states that this is an “unfortunate” reporting structure, as it positions security as a technical issue rather than a key business concern.
Yet 74% of security professionals expect to be cyberattacked in 2016, and 30% experience phishing attacks every day.
In addition, only 75% of respondents were confident in their team’s ability to detect and respond to security incidents, down from 87% in 2014. Even among this 75%, six in 10 don’t believe their staff can handle anything beyond simple cybersecurity incidents.
Finding the talent to increase preparedness is a major issue, with 56% of security leaders stating that fewer than half of job candidates are considered ‘qualified upon higher’, and 26% needing six months to fill a cybersecurity position.
“The lack of confidence in current cybersecurity skill levels shows that conventional approaches to training are lacking,” ISACA Chief Knowledge Officer Ron Hale said.
“Hands-on, skills-based training is critical to closing the cybersecurity skills gap and effectively developing a strong cyber workforce.”
Too much of a good thing: Australia's cyber overlap issue
Recent research indicates many organisations may have too many security systems with overlapping...
The true cost of cyber attacks
The average annual expense of recovering and dealing with cyber attacks has surpassed AU$4.1...
Tackling the human element in modern authentication: the phishing-resistant user
Integrating human-centric cybersecurity strategies is not merely an option but a necessity in...