Skip to main content

Majority of CEOs still not considered responsible for their firm's cybersecurity

Chief Executive Officers in the UK are still far from being considered responsible for keeping their organisations safe from cyberattacks, according to a new report by NCC Group (opens in new tab).  The report, which the risk mitigation and cybersecurity company just released, is based on a poll of 200 UK board of directors, where they were questioned on cybersecurity. Just 13 per cent said the managing director was responsible for cyberrisks in their company. 

Also, just nine per cent named the financial director. The biggest burden is still on the shoulders of CTOs and CIOs – 52 per cent.  “Boards continue to pass the cyber buck by delegating accountability to technical leads likes CIOs and CTOs. Cyber security is the responsibility of the CEO and the main board as it is the most significant issue facing businesses today,” commented Rob Cotton, CEO at NCC Group. “To address this we have created a Cyber Security Committee, and as CEO, I personally sit on the committee and assess the performance of the Group’s internal security and defences, reporting back on a monthly basis. 

To better promote board level ownership, NCC Group developed and released the Cyber Security Committee Toolkit – offering documentation which can help other companies launch their own, similar committees. “Boards fully discuss, report and become expert on accounting policies, health & safety, CSR and executive remuneration, however, this is not the case with a company’s most valuable assets: its data and information. It’s time to take control and be proactive,” Cotton continued.  “We’d welcome discussion with any company looking to set up a Cyber Security Committee.”

Image Credit: Den Rise / Shutterstock

Sead Fadilpašić
Sead Fadilpašić

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.