Training & Security Leadership
A Comparative Study on Cyber Risk: Business vs. Security Perspectives: Survey Results Executive Analysis
Insight from David Homovich, Office of the CISO, Financial Services, Google CloudBusiness leaders and security leaders agree on the importance of cybersecurity, but there are significant differences in how the two groups perceive and prioritize the threats and view the role of the other party.
In H2 2023, Information Security Group (ISMG) in partnership with Google Cloud, surveyed 343 senior executives at major enterprises globally, divided into two groups of respondents: cybersecurity professionals and executive board members who are not cybersecurity professionals, to compare and contrast their perspectives on the role of cybersecurity in relation to organizations achieving their business or mission goals.
There is a need for greater communication so that each group might aid the other in their understanding. According to the report, board members’ advice to CISOs reporting to the board includes: "Keep it short and to the point, but don’t pull any punches. They [the board members] need to understand the risk," and, “Don’t provide assurances that you can’t back up and always be honest. Tell the truth.”
In contrast, CISO advice to the board members includes: “No matter how bad the CISO makes it sound, it’s worse,” and, “Listen carefully.”
View this expert analysis interview with David Homovich, Office of the CISO, financial services, Google Cloud, of what both boards and cybersecurity professionals perceive to be the main challenges around communicating cybersecurity risk and addressing or mitigating vulnerabilities.
Download the full report, and use these results to benchmark your organization against competitors, replicate best practices, and avoid common pitfalls.