A recent trend in the corporate world takes a very serious stance against cyber crime. This one however is aimed at employees. While 90% of c-suite execs say they lack the resources to defend against a serious cyber attack, 76% admit knowing a cyber event is imminent, of the 400 execs polled 1/3 say they will fire you for causing a cybersecurity breach.
TechRepublic – https://www.techrepublic.com/article/employees-beware-33-of-ceos-will-fire-you-if-you-cause-a-cybersecurity-breach/
The article was written from a report by Nominet Cyber Security who surveyed 400 execs from US and UK.
In the aftermath of a breach, executives reported confusion in terms of collaborating to resolve the issue, the report found. While 54% of CISOs said they would receive assistance from other members of the C-suite, only 38% of C-suite members said they would work with the security team to solve a security issue. TechRepublic
I am not sure how this makes sense at all, especially if you are a c-level exec. Isn’t the main responsibility of c-suite execs the security and continued operation of the enterprise. If they are unwilling to work with their CISO/Security team to ensure timely remediation of a breach then why are they even there? I would think they would want to lend assistance in whatever way they could.
It was a very interesting article but a huge question remained for me. With all these execs admitting their companies lack the appropriate resources to defend against an attack and their unwillingness to assist their security team, it seems they are willfully negligent in the event of a security incident. It also looks like they are all to willing to blame someone else for their lack of preparedness. Seeing how eager they seem to give an employee the axe, I wonder how are they educating their employees about cyber security?
Just a couple questions to close.
- Do you believe security is everyone’s responsibility(including c-suite)?
- If you(execs) are stating that employees are responsible for cybersecurity in your company, are you providing adequate training?
- If you do not provide adequate training for employees in cybersecurity best practices, aren’t you actually responsible for incidents that may happen?
What are your thoughts?
Are you ready to start teaching your employees to avoid phishing, scams and other potential security problems? This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE