As cybersecurity issues become increasingly important, a new report from global cybersecurity firm ISTARI finds that CEOs must increase their cyber literacy.
Key Details
- Putting together a good team with a strong cybersecurity defense may not be enough to protect companies anymore—CEOs need to understand the information their cyber teams present to them.
- While company leaders may not need to learn the ins and outs of cybersecurity, they need to expand their education and become more informed about their team’s strategy and approach to protecting the company.
- When asked to guess how many servers its company had. Executive team responses ranged from four to 250. But the answer is 4,000.
- Focusing on prevention rather than a proactive approach to security could leave many companies with an exploitable weak point.
Why it’s news
In an increasingly digital and hostile business world, protecting data, assets, and communication is critical. The issue has become more than a technical one. The reality is that most companies will have their security breached. So the leadership issue becomes how to handle an attack and not merely how to prevent one, and that is why deep CEO-level knowledge is required.
While gathering information, ISTARI anonymously interviewed 37 CEOs of various global companies. During the interviews, ISTARI found how uninformed company leaders were about fundamental cyber-related issues.
In one example, a CIO asked the executive team how many servers the company had. Guesses ranged from four to 250. The answer was 4,000.
“That was an incentive for all of us to understand more. We realized we spend millions each year on this technology but don’t really understand it,” the CEO tells ISTARI.
The report also found that many companies still rely predominantly on preventative measures rather than actively countering cybersecurity threats. Cybersecurity experts have frequently told company leaders that prevention is not enough, Fortune reports.
“I learned the clear truth that all CEOs must know: You can never stop a cyberattack, you just do your best to limit the damage. The idea that you could ever actually stop it is nonsense because sooner or later, something will get through,” one CEO tells the researchers.