As most CISOs will tell you, company boards need to treat cyber security as a business priority for 2017. In fact, this has been the mantra for the past 5 years, and yet CISOs still feel frustrated at the lack of executive focus and support. Perhaps this is changing because of the increase in data breaches and the impact they are having on the bottom line.
Last year was terrible for corporate victims of cyberattacks, with many large organizations making headlines over reports of major breaches. Ransomware attacks quadrupled to 4,000 per day from 2015 to 2016, according to the U.S. Department of Justice.
According to EY’s survey, almost one-third of respondents (32 percent) said a lack of executive awareness and support challenged the effectiveness of their cybersecurity planning and preparedness. Despite the evidence, most companies greatly understate the risk of a cyber incident, according to EY’s 19th Global Information Security Survey 2016-17. Of the 1,735 global executives, information security managers and IT leaders surveyed, only one in five (22 percent) fully consider information security in their strategy and planning.