Security threats
Why CXOs Need a Better Cyber-security Education
Despite growing threats and a shortage of IT pros with security skills, only one-fourth of CXOs see recruiting and retaining security pros as a top priority.
More Frequent Attacks
More than 60% of CXOs said their companies have experienced at least one attack in the last 12 months; 11% were attacked between four and 10 times, and 5% experienced more than 10 attacks.
Lack of Knowledge
35% of CXOs do not know or are not sure what legally constitutes a data breach in their state.
Security Briefings
49% of CXOs are individually briefed on cyber-security issues weekly, 30% receive monthly updates, and 9% of CXOs are never briefed.
Risks to SMBs
However, in the case of small companies, 17% of CXOs at companies with less than $5 million in revenue and 20% at companies with fewer than 50 employees are never briefed on cyber-security issues.
IT Spending
27% of companies spend between 11% and 15% of their budget on IT, 15% of companies spend between 16% and 20%, while 17% spend more than 20% on IT. Additionally, 11% of companies with revenue of less than $5 million spend less than 1% of their budget on IT.
Training Budgets
17% of companies spend between 7% and 10% of their budgets on IT security and security awareness training, 17% spend between 11% and 15%, 13% spend between 16% and 20%, and 9% spend more than 20%.
Security Readiness
45% of CXOs believe their organizations are prepared for a cyber-attack, and 41% think they could be more prepared. What’s more, 3% said their organizations are not prepared at all, but this increases to 8% at companies with fewer than 50 employees, while 10% said they aren’t sure.
No Respect
25% of CXOs believe the recruitment and retention of skilled professionals is a critical cyber-security issue. It ranks sixth out of seven top priorities, just above shifting regulatory landscape.
Training Sessions
29% of CXOs would be interested in monthly training, 27% would be interested in quarterly training and 24 percent in weekly training. Only 2% said they would never be interested.
CXOs’ Security Relationships
24% of CXOs said they are in contact once per day with their firms’ chief information security officers; 27% said they are in contact once a day with the chief security officer; and 29% were in contact once a day with the CIOs. Meanwhile, 13% of CXOs said they are never in contact with the CISO or CSO, and 10% said they never have contact with the CIO.