Execs: We’re Not Responsible For Cybersecurity

Uploaded on 2016-04-13 in NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Resilience

More than 90 percent of corporate executives said they cannot read a cybersecurity report and are not prepared to handle a major attack, according to a new survey.

More distressing is that 40 percent of executives said they don't feel responsible for the repercussions of hackings, said Dave Damato, chief security officer at Tanium, which commissioned the survey with the Nasdaq.
"I think the most shocking statistic was really the fact that the individuals at the top of an organization — executives like CEOs and CIOs, and even board members — didn't feel personally responsible for cybersecurity or protecting the customer data," Damato told CNBC's "Squawk Box" recently. "As a result they're handing this off to their techies, and they're really just placing their heads in the sand right now," he said.

The findings come at a time when companies around the world are losing $445 billion due to cybercrime last year, according to an estimate by the Center for Strategic and International Studies.

The frequency and severity of cyber penetrations, as well as the sophistication of hackers, has increased dramatically, said Lou Modano, chief information security officer at Nasdaq.

"What has not kept pace with that is the education level, the understanding of the impact of cyber across all industries," he told "Squawk Box."

While the topic is complex, executives need to be educated about cybersecurity and become fluent in the issue, Damato said. Further, the corporate world lacks a standard measure for cybersecurity, which means companies cannot be assessed by a common metric, and executives have no rubric to determine their performance, he added.

Other findings from the study showed that 98 percent of the most vulnerable executives have little confidence their firms constantly monitor devices and users on their systems.

The survey was conducted by Goldsmiths and included responses from 1,530 nonexecutive directors and C-level executives in the United States, United Kingdom, Germany, Japan and Nordic countries.

CNBC: http://cnb.cx/1Y3YHME

« Will Capitalism Survive The Robot Revolution?
The Next Decade Will Be About The Industrial Internet »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Booz Allen Hamilton

Booz Allen Hamilton

Booz Allen Hamilton is a management & tech consulting firm. Technology services include cloud computing, cyber security, systems development and integration.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

Certus Software

Certus Software

Our Secure Data Erasure solutions protect customer data confidentiality by completely erasing it from data storage devices.

NRD Cyber Security

NRD Cyber Security

NRD Cyber Security create a secure digital environment for countries, governments, and organisations and implement cybersecurity resilience enhancement projects around the world.

ANIS

ANIS

ANIS represents the interests of Romanian IT companies and supports the development of the software and services industry.

Inter-American Cooperation Portal on Cyber-Crime

Inter-American Cooperation Portal on Cyber-Crime

The Inter-American Cooperation Portal on Cyber-Crime was created to facilitate and streamline cooperation and information exchange among government experts from OAS member states.

Fraud.com

Fraud.com

Fraud.com ensures trust at every step of the customer's digital journey; this complete end-to-end protection delivers unified identity, authentication and fraud detection and prevention.

Cloud GRC

Cloud GRC

Cloud GRC is an innovative cybersecurity company with solutions and expertise in Cybersecurity Strategies & Frameworks, Threat & Risk Assessment, Cloud Security, and Regulatory Compliance Requirements

ProSearch Partners

ProSearch Partners

ProSearch Partners are national talent acquisition specialists exclusively focussing on Technology and Digital talent including Cybersecurity, Data Analytics and Execs.

MISP Project

MISP Project

The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators.

Oivan

Oivan

Oivan harnesses the strengths of the web, mobile, cloud, cybersecurity, and blockchain technologies to help our clients to launch transformative digital services.

Project Cypher

Project Cypher

Project Cypher leverages the latest cybersecurity developments, a world class team of hackers and constant R&D to provide you with unparalleled cybersecurity offerings.

CyberSecureRIA

CyberSecureRIA

We founded CyberSecureRIA specifically to secure and support RIAs. We exist to secure SEC-registered RIAs, and keep them compliant with cybersecurity regulations.

Bedrock Security

Bedrock Security

Bedrock Security is at the forefront of revolutionizing data security in the cloud and GenAI era.

itm8

itm8

itm8 is a Nordic digital transformation partner offering a wide range of services in IT operations and Cloud Services, Digital Transformation, Application Services, ERP, and Cyber Security.