Do boards of directors actually care about cybersecurity?

Survey says business leaders probably don’t care as much about cybersecurity as they say they do

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

There’s no shortage of arguments that cybersecurity needs to be aligned with the needs of the business, or that security is now a “boardroom issue.” And it seems that a new report or study is issued every day that states that boards of directors are more involved with their organizations’ cybersecurity efforts than ever before.

That’s the established narrative, but is it so? Our recent  2015 US State of Cybercrime Survey of more than 500 respondents, including US business executives, law enforcement services, and government agencies, throws a bit of cold water on those findings

The cybercrime survey found that organizations come in three variants when it comes to board alignment: horrendous, adequate, and excellent. First the horrendous and adequate. Nearly a third, 28 percent, of respondents said their security leaders make no presentations at all to the board, while one-in-four, or 26 percent of CISOs, or their organization’s equivalent, provides an annual presentation to their board of directors.

To continue reading this article register now

Join the discussion
Be the first to comment on this article. Our Commenting Policies