Execs: We’re Not Responsible For Cybersecurity

More than 90 percent of corporate executives said they cannot read a cybersecurity report and are not prepared to handle a major attack, according to a new survey.

More distressing is that 40 percent of executives said they don't feel responsible for the repercussions of hackings, said Dave Damato, chief security officer at Tanium, which commissioned the survey with the Nasdaq.
"I think the most shocking statistic was really the fact that the individuals at the top of an organization — executives like CEOs and CIOs, and even board members — didn't feel personally responsible for cybersecurity or protecting the customer data," Damato told CNBC's "Squawk Box" recently. "As a result they're handing this off to their techies, and they're really just placing their heads in the sand right now," he said.

The findings come at a time when companies around the world are losing $445 billion due to cybercrime last year, according to an estimate by the Center for Strategic and International Studies.

The frequency and severity of cyber penetrations, as well as the sophistication of hackers, has increased dramatically, said Lou Modano, chief information security officer at Nasdaq.

"What has not kept pace with that is the education level, the understanding of the impact of cyber across all industries," he told "Squawk Box."

While the topic is complex, executives need to be educated about cybersecurity and become fluent in the issue, Damato said. Further, the corporate world lacks a standard measure for cybersecurity, which means companies cannot be assessed by a common metric, and executives have no rubric to determine their performance, he added.

Other findings from the study showed that 98 percent of the most vulnerable executives have little confidence their firms constantly monitor devices and users on their systems.

The survey was conducted by Goldsmiths and included responses from 1,530 nonexecutive directors and C-level executives in the United States, United Kingdom, Germany, Japan and Nordic countries.

CNBC: http://cnb.cx/1Y3YHME

« Will Capitalism Survive The Robot Revolution?
The Next Decade Will Be About The Industrial Internet »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Illumio

Illumio

Illumio delivers adaptive security for every computing environment, protecting the 80% of data center and cloud traffic missed by the perimeter.

Payload Security

Payload Security

Payload Security's VxStream Sandbox is a fully automated malware analysis system.

Cyberkov

Cyberkov

Cyberkov services include Pentesting, Vulnerability Assessments, Digital Forensics, Incident Response, Source Code Analysis and Security Training.

Smokescreen

Smokescreen

Smokescreen's IllusionBLACK employs deception technology to detect, deflect and defeat advanced hacker attacks.

ISARA Corp

ISARA Corp

ISARA Corporation is a security solutions company specializing in creating class-defining quantum-safe cryptography for today's computing ecosystems.

Search Guard

Search Guard

Search Guard® is an Open Source security suite for #Elasticsearch and the entire #ELK stack that offers encryption, authentication, authorization, audit logging and multi tenancy.

Digi International

Digi International

Digi is a leading global provider of mission-critical and business-critical machine-to-machine (M2M) and Internet of Things (IoT) connectivity products and services.

Abacode

Abacode

Abacode is a Managed Security Services Provider (MSSP). We help businesses consolidate all of their Regulatory Compliance & Cybersecurity needs, under one roof.

DeFY Security

DeFY Security

DeFY Security is a Cyber Security solutions provider with more than 20 years of experience securing financial institutions, healthcare, manufacturing and retail.

Redhorse

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

Qrypt

Qrypt

Qrypt has developed the only cryptographic solution capable of securing information indefinitely with mathematical proof as evidence.

Bugv

Bugv

Bugv is a crowdsourcing cybersecurity platform powered by human intelligence where we connect businesses with cyber security experts, ethical hackers, bug bounty hunters from all around the world.

Integris

Integris

Integris offers best-in-class services like dedicated vCIOs, specialized security and compliance advisory services, a 24/7 help desk, and more.

Solcon Capital

Solcon Capital

Solcon Capital is a forward-looking, technology-focused investment firm that is committed to identifying and investing in the most promising areas of innovation and development in the tech industry.

QANplatform

QANplatform

QANplatform is a Quantum-resistant hybrid blockchain platform.

Triovega

Triovega

Triovega are a leading provider for production security and efficiency. Our solutions enhance OT security, and reduce production downtime.