Almost half of boards lack real understanding of cyber threats: survey

45 percent of cyber security professionals believe their board of directors have a major gap in their understanding of cyber risk, or simply don’t understand the risk at all. This is despite over half (54 percent) of boards being ultimately accountable for the cyber strategy. This is according to the second annual Harvey Nash / PGI Cyber Security Survey, representing the views of almost 200 senior cyber security professionals.

The survey also reveals that lack of cyber risk awareness affects the senior executive team: one third of cyber professionals (33 percent) believe their CEO has major knowledge gaps and almost half (49 percent) believe so for their CFO. CMOs, many of whom have increasing responsibility for customer data and for driving customer-facing digital strategies, were also rated poorly in the survey, with 43 percent of cyber professionals believing they had major knowledge gaps, and one in ten (11 percent) believing they had no cyber risk awareness at all.

Whilst most cyber professionals feel their organizations have the basics covered, 85 percent still think there is more to do, and one quarter (26 percent) believe there is significantly more work to do.
The top three factors holding back the cyber security strategy were: budget (selected by 57 percent), security-aware culture (49 percent) and understanding of the real threat (43 percent).

The survey also reveals that four in ten (38 percent) cyber leaders believe they lack the internal skills to achieve their security strategy. The skillsets most in demand were senior or business focused, rather than technical, with 50 percent saying they lacked security architects, 43 percent lacking training and awareness skills and 38 percent lacking project managers and leaders.

About the survey

The Harvey Nash / PGI Cyber Security Survey represents the views of 176 senior information security professionals. 16 percent of respondents were CISOs, 27 percent were heads of infosec or security managers and 9 percent were CIOs. The remaining 48 percent were spread between a range of roles including IT leaders with responsibility for security, security specialists and senior management.
