View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 17, 2016updated 04 Sep 2016 10:10pm

C-Suite needs to recognise threat of organised cyber crime says IBM

News: Rift between CIOs and their C-Level colleagues on combatting cyber crime exposed.

By Charlotte Henry

IBM Security has just released a new study, which reveals that the C-Suite are not aligned on how to combat cyber criminals. While77% of Chief Risk Officers (CRO’s), and 76% of CIOs/CTOS report that their firm’s cyber security strategy is well established, just 55% of CFOs and 51% of CEOs report the same.

The report, "Securing the C-Suite, Cybersecurity Perspectives from the Boardroom and C-Suite," also found that while 50% of CEOs agreed that collaboration is necessary to combat cyber crime, just one third of them were willing to share their organisations’ cyber security incident information externally, with 68% reluctant to share such information externally.

This is in direct contrast to the growing collaborative ability of cyber criminals operating and sharing information on the dark web.

It also found that 70% of C-Level executives think rogue individuals make up the largest threat to their organisations, despite a major UN report from 2013 highlighting strong evidence to the contrary.

Its Comprehensive Study on Cybercrime found that "upwards of 80 per cent of cybercrime acts are estimated to originate in some form of organised activity, with cybercrime black markets established on a cycle of malware creation, computer infection, botnet management, harvesting of personal and financial data, data sale and "cashing out" of financial information."

"The world of cybercrime is evolving rapidly but many C-Suite executives have not updated their understanding of the threats," said Caleb Barlow, Vice President, IBM Security.

Due to the sensitive data that they manage, Marketing, Human Resource, and Finance are key targets for cybercriminals. Despite this, IBM Security found that around 60% of CFOs, CHROs, and CMOs accept that they and their divisions are not actively engaging in cyber security strategy and execution.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

Indeed, only 57% of CHROs said that they have rolled out cyber security training for employees, which many cyber security experts highlight as critical for improving a firm’s cyber security ability.

"While CISOs and the Board can help provide the appropriate guidance and tools, CxOs in Marketing, Human Resources, and Finance, some of the most sensitive and data-heavy departments, should be more proactively involved in security decisions with the CISO," said Caleb Barlow.

While C-Level executives do seem to understand the scale of the threat, with nearly of those surveyed, (94%) believing there is some probability that their firm will experience a significant cyber security incident in the next two years, only 17% feel prepared and capable to respond to these threats.

The C-Suite thinks that employee-furnished mobile devices are the biggest cyber security threat, at 57%, closely followed by social media and channel systems at 54%. Applications are also a major cause of concern, with both enterprise mobile applications and cloud-based applications viewed as the riskiest part of IT infrastructure by 47%. This is followed by vendor/partner system integration points (42%), and data/analytics applications (38%).

The survey took in the views of over 700 C-Level executives from 28 countries, across 18 industries.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.