Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced the results of a study conducted by Dimensional Research on the cybersecurity literacy challenges faced by organisations.
The study, carried out in May 2015, evaluated cybersecurity risk decision-making and communication between IT security professionals, executive teams and boards.
Study respondents included 200 IT security professionals at U.S. companies with annual revenues of more than $5 billion, and 151 IT professionals from U.K. organisations with annual revenues over £500 million.
Key findings include:
- IT professionals in the U.K. (71 per cent) were more likely to consider their corporate board to be cybersecurity literate than their U.S. counterparts (57 per cent).
- 71 per cent of the U.K. respondents said their company’s corporate board had a member responsible for cybersecurity, only half (50 per cent) of U.S. IT professionals said this was true for their organization.
- Nearly a third (32 per cent) of U.S. respondents believed the information presented to the board did not accurately represent the urgency and intensity of the cyberthreats targeting their organisation. Only 13 per cent of U.K. IT professionals answered similarly.
“Cybersecurity is definitely a boardroom issue, and I’m encouraged that more organisations are engaging on this topic,” said Dwayne Melancon, chief technology officer for Tripwire. “However, engaging and doing so effectively are two different things.”
When asked which major security event had the biggest impact on their board’s cybersecurity awareness, 34 per cent of U.K. respondents said an internal security breach at their organisation. However, 74 per cent of U.S. respondents said high-profile external breaches, such as Sony Pictures, Target and the Snowden leaks, had the most impact.
Melancon continued, “From my experience, I believe some of the respondents may be overly optimistic about the cybersecurity literacy of their boards, which could be a challenge. Fortunately, a good number of organisations recognise that their current approach to depicting cybersecurity status falls short of their goal of creating an appropriate sense of urgency within their executive ranks.”
For more information about the survey, visit the Tripwire website.
The post US IT Professionals Less Confident in Board Level Cybersecurity Literacy than UK Counterparts appeared first on IT SECURITY GURU.