Over half (54%) of Chief Information Security Officers (CISOs) say the board fails to provide them with ample investment for cyberinitiatives, according to a new study by cybersecurity technology provider, Encore.
An independent study of 100 C-level executives, 100 CISOs and 500 office workers in the US and the UK sought to uncover the gap that remains between boards and security teams when it comes to addressing cyberdemands.
One of the primary findings of the study indicated that 50% of boards across both regions have cybersecurity at the top of their agenda, yet over 60% of CISOs feel unsupported in mitigating against cyberattacks.
“C-level hesitance to invest more in cybersecurity makes it near impossible for CISO’s to answer the hard question ‘are we safe?’” said Brendan Kotze, CDO and Co-Founder at Encore. “Ensuring risk is properly managed is worth the investment.”
Nearly half (49%) of C-level executives admit that having the right technology in place gives them the most confidence in the company’s cybersecurity strategy. However, only 44% of CISOs feel the same.
“Security officers not only have to defend the business against a vast amount of known and unknown attacks, but they’re also being asked to stake personal reputation when there is a lack of board confidence in the controls themselves, never mind the operation or compliance of those controls,” added Kotze.