INFOGRAPHIC constantly changing , many believe the C-suite either doesn ’ t try hard enough ( 26 %) or doesn ’ t want to understand ( 20 %).
There ’ s also disagreement between IT and business leaders over who ’ s ultimately responsible for managing and mitigating risk . IT leaders are nearly twice as likely as business leaders to point to IT teams and the CISO .
The research reveals that just 50 % of IT leaders and 38 % of business decision-makers believe the C-suite completely understand cyber-risks .
A total of 49 % of respondents claim that cyber-risks are still being treated as an IT problem rather than a business risk .
This friction is causing potentially serious issues : 52 % of respondents agree that their organisation ’ s attitude to cyber-risk is inconsistent and varies from month to month .
However , 31 % of respondents believe cybersecurity is the biggest business risk today and 66 % claim it has the highest cost impact of any business risk – a seemingly conflicting opinion given the overall willingness to compromise on security .
There are three main ways respondents believe the C-suite will sit up and take notice of cyber-risk :
• 62 % think it would take a breach of their organisation
• 62 % think it would help if they could better report on and more easily explain the business risk of cyberthreats
• 61 % say it would make an impact if customers start demanding more sophisticated security credentials p
www . intelligentcio . com INTELLIGENTCIO EUROPE 31