Are CIOs and CISOs Overconfident in Their Communications with the Rest of the C-Suite?

Published On: March 30, 2016

By Christophe Veltsos, PhD
@DrInfoSec

As a leader, have you stopped for a moment to consider the question, “Are CIOs and CISOs overconfident in their communications with the rest of the C-suite?” Given the unmistakable importance of cybersecurity in the eyes of top leadership today, CIOs and CISOs are under pressure to provide clear, regular updates to the rest of the C-suite on the status of their organization’s cybersecurity efforts. A 2016 report from IBM’s Institute for Business Value, entitled “Securing the C-suite — Cybersecurity perspectives from the boardroom and C-suite,” sheds light on the communication dynamics within the C-suite. The survey of over 700 executives from a variety of countries, industries, and roles provides a clear warning for CIOs and CISOs: don’t overestimate how well you are communicating with the rest of the CXOs.

While 2/3 of the C-suite regards cybersecurity as a “top concern,” there are major disconnects in how well prepared CXOs consider their organization to be. When CXOs were asked if the “cybersecurity strategy of their company is well established,” 77% of CROs and 76% of CIOs responded yes; this is in sharp contrast to only 51% of CEOs, 55% of CFOs, and 61% of CHROs. When those same CXOs were asked if they were “very engaged in security threat management discussions,” 56% of CIOs responded yes, but the rest of the C-suite did not appear to agree: only 45% of CEOs, 38% of CFOs, and 41% of CHROs agreed.

Some of the key recommendations from the report are to have regular discussions about cybersecurity and incident response plans, and to involve key stakeholders in the C-suite, such as the CRO, CFO, CHRO, and those responsible for the supply chain.

A platform like TrustMAPP helps elevate the discussion about the organization’s current readiness and future plans for cybersecurity. It helps bring everyone in the C-suite to the table, and ensures that progress can be explained and tracked, and that improvements can be appropriately prioritized and budgeted for. There doesn’t have to be a disconnect in the C-suite; let TrustMAPP help your organization communicate clearly about cybersecurity.
