Executive Insights and Concerns for IT Security
Exploring the Perception of IT Security Among Top Executives and Their Strategic Approaches in the Face of Global Challenges
Strategically declaring data security is crucial due to increasing corporate IT complexity and integration of the Internet of Things (IoT). What is the importance of IT security at the top of the executive floors? What else is moving the bosses when it comes to IT security?
This is exactly what the IT security company Sophos wanted to find out in a broad study. IPSOS surveyed C-level managers across three countries in early summer, focusing on their perspectives on IT security. IT staff was expressly excluded.
Some important findings from the study in the overview:
- IT security is not a top priority in most countries. The IT departments are responsible. A third of the companies rely on external IT services.
- World political situations and war have little influence on security awareness among managers. Only a third sees the view of IT security due to the current global political situation.
- The executive floors are safe with IT security. The majority state that they have been well-prepared for a long time.
- C-level managers in particular expect economic consequences through cyber attacks. The focus is on recovery costs or disorders of commercial processes. Very few expect the loss of customers and employees as well as possible failures as part of the supply chains.
IT security is not a top priority
The majority of managers surveyed (81%) claim high to very high awareness of IT security. Over 60% of respondents say their companies have elevated IT security to higher management levels in the past three years.
However, there’s a contradiction. The larger the company, the less management handles IT security. In companies with more than 200 employees, only 1.9% report that IT security is managed at the executive level. For smaller companies with up to 199 employees and those in retail, around 22% of bosses remain involved in IT security.
In larger companies, 49.1% assign IT security to their IT departments, while 36.5% of smaller companies do the same. Additionally, about a third of both large (35.8%) and small companies (33.1%) rely on external service providers for IT security.
With 35.8 percent in the larger and 33.1 percent among smaller companies, a good third of all companies also transfer responsibility for their IT security to external service providers.
Executive floors think they are in IT security
Sophos also explored whether global politics and the ongoing war in Europe have changed the perception and importance of IT security over the past two years.
Around 23% of respondents from companies with over 200 employees and 36% from smaller companies said cybersecurity had become more important.
However, most feel secure. Around 53% of smaller companies and 70% of larger ones believe they have maintained their cybersecurity awareness and were already well-prepared over the past two years.
Cyber attack sequences: these are the greatest concerns
Considering the consequences of a cyber attack, the most mentioned costs on executive floors are the necessary restoration of business operations. The possible interruptions of the commercial processes are the second most common in the focus.
An interesting aspect here: Problems in the context of the supply chains suspect even fewer respondents (23 percent) than a possible loss of image (28 percent). In the processing trade alone, and that is not a big surprise, almost 37 percent of those surveyed assume that the supply chains may be affected.
On the other hand, the leaders are hardly important to the loss of customers or employees as a result of cyber attacks: 19.4 percent and even fewer (1.5 percent) fear loss of customers losses to losing employees.
Even insolvency (9.5 percent) and fines due to data protection violations (5.5 percent) are hardly seen as risks, only in Switzerland, there is a little more concern: Almost 22 percent expect insolvency and 11.8 percent of fine payments as possible Consequences of cyber attacks.
Final Words
In today’s evolving digital landscape, the importance of IT security cannot be overstated. As cyber threats continue to grow, businesses must prioritize cybersecurity at all levels, from IT departments to executive leadership.
Now is the time to reassess your organization’s security posture and implement robust measures to safeguard your data and operations. Stay proactive and informed—subscribe to our newsletter for the latest insights, strategies, and updates on cybersecurity and data protection to keep your business secure.