han-Brown
Q . WHY IS THERE SUCH A HUGE DISCONNECT BETWEEN THE PERCEPTION HELD BY CEOS AND OTHER POSITIONS SUCH AS CFOS , WHEN IT COMES TO THEIR FIRM ’ S ABILITY TO WITHSTAND A CYBERATTACK ?
» Our recent research showed that 63 % of CEOs think their firm is well prepared to withstand a cyberattack , however , as few as 14 % of CFOs were confident , and only 52 % of other C-suite officials were confident about their cyber resilience . While CEOs hold great understanding of the capabilities and risk involved within their company , a key part of their role is to be positive and convey confidence to assure their employees , customers , and investors that the organisation is a safe and stable business . CEOs are unquestionably extremely busy people who often oversee a dozen different projects at the same time , and clearly could use a help-inhand when it comes to making cybersecurity decisions .
Unlike other positions , CEOs don ’ t have the luxury of spending all their time on one project or issue , therefore only a select amount of information is shared with them . As a result , CEOs do not always understand the full impacts of a cyber incident , the monetary value of resources , and the potential security risks that exist within their systems . When organisations don ’ t have the full picture , then they cannot make effective decisions .
This false sense of security is even clearer when you look at the difference in confidence when it comes to security planning and preparation . For example , 56 % of CEOs also believed their company was constantly reviewing risk plans , compared to just 32 % on average for executives in other fields .
Other executives such as the CFO , need to be brought into the conversation so that effective decisions can be made around cyber risk .
Q . WHY DO CFOS NEED TO BE IN THE DECISION-MAKING ?
» Whenever we read about the latest ransomware breach or cybersecurity incident in the news , one of the first things mentioned is the financial cost to the organisation . cybermagazine . com 21