A leading cybersecurity company recently surveyed hundreds of top-level security and IT pros to uncover that many believe one of the most serious risks to their organizations is a disconnect between their team and their CEO.
An amazing 54% of those surveyed revealed that while they have implemented specific plans to thwart possible attacks, their CEO is ignoring the program.
Also astonishing was the paradox that while 95% of those surveyed were concerned that loose security of employee-owned Internet of Things devices like smartphones and smart home devices could be the point of entry; 38% reported that they did not know what devices their CEOs have and utilize when they are offsite or at home.
While many CEOs “talk the talk” in boardrooms and with staff, many still view cybersecurity as an IT issue that is housed with IT.
One must ask the question, "Why are so many so unprepared?". There are some quick answers like entrepreneurs tackling issues when they arise rather than putting time and cash into “assurance possibilities” or simply not wanting to appear uneducated when discussing the issue.
As a former CEO and having recently facilitated CEO roundtables on this issue, it is clear that while all share this concern, many simply “don’t know what they don’t know”. While many large companies have the resources to hire the best and brightest to lead their security efforts, most small to medium-sized organizations do not have the bandwidth or resources for full-time attention to this issue.
Boards and CEOs must address this issue as their responsibility. Having an overarching cybersecurity plan beyond an insurance policy is essential. In Q1 of this year, Forbes reported that more CEOs fear a cyberattack than a recession in 2019 and 2020.
One of my favorite (yet cringeworthy), true stories is from a CEO of large, international employer in Milwaukee sharing that one test they failed miserably was dropping a bag full of thumb drives with their company logo around the parking lot at their headquarters. To his shock, several were brought in and inserted into computers. Even more amazing, two who did so were on the executive team.
This goes to show that some of the most brilliant and high-ranking professionals in your organization are often the furthest behind the curve on protecting your organization at work and at home. And, while thumb drives have gone "the way of the Dodo" at companies, the explosion of smart home and smart devices is proving fertile ground for hackers and ransomware.
One of the most cost-effective ways to address this issue is with a managed service provider that will audit and protect your network and devices that are connected to it while providing expert consulting and planning. You can also have an expert work in a fractional role to have the highest level of expertise without the cost of a full salary and benefits.
Topics
Share this article