ARLINGTON, Va.--(BUSINESS WIRE)--Despite increasing cybersecurity threats to businesses, a survey conducted by CyberVista and Zogby Analytics reveals continued gaps in cybersecurity education among those responsible for safeguarding companies against breaches and attacks – board members and C-level executives. The survey asked C-Suite executives and corporate board members across multiple industries and business sizes about their cybersecurity priorities.
According to the survey, nearly one third of executives reported experiencing three or more cyberattacks on their company in 2015, with more than 60 percent acknowledging being hit by at least one cyberattack in the same time period. Thirty-five percent of respondents either do not know or are not sure what legally constitutes a data breach in their state, and nine percent of executives report that they are never briefed on cybersecurity matters.
“Every business today has information at risk of being stolen or leaked, so the take away for company leaders is that building a good security posture assumes that a breach is imminent,” said Amjed Saffarini, CyberVista’s CEO. “As with all other corporate risks, board members and executives ultimately bear responsibility for cybersecurity issues, and must take steps to create a culture of security that prioritizes addressing cyber risks across their entire organization. Increasing cybersecurity training and education among leadership is critical to reducing vulnerabilities and ensuring sound business judgments. Cybersecurity has to start at the top.”
Survey results comparing the security postures of small and large organizations present an even more striking picture. A staggering 20 percent of executives from small businesses, companies with fewer than 50 employees, report never being briefed on cybersecurity issues, compared to 0 percent of executives from large organizations (those with more than $25 million in revenue).
The quickly-growing gap between the need for workers with cybersecurity skills and supply of such workers in the United States also creates major vulnerabilities for businesses. Despite this well-documented skills gap, the CyberVista/Zogby survey found that only 25 percent of executives and board members believe recruiting and retaining skilled professionals is a critical cybersecurity issue, ranking it sixth out of seven main cybersecurity priorities.
“Too often, we hear only about the technology problems and solutions in cybersecurity without enough appreciation of the ‘people problem’ at the core of many of the most damaging cyberattacks,” added Saffarini. “Even with the best technology tools available, a shortage of cybersecurity workers limits the ability of businesses to appropriately prepare and respond to cyberattacks. This survey demonstrates the need for a major shift in the mindset of executive leaders: to acknowledge the human side of cyber and the risk of a cyber workforce shortage so they can prioritize filling that gap in order to defend their most critical assets.”
Experts believe the demand for knowledgeable cybersecurity workers will grow more urgent in the next few years. The State of Cybersecurity: Implications for 2015, conducted by ISACA and RSA Conference, found that more than a third of cybersecurity and IT managers have job openings they cannot fill because of a lack of qualified applicants. At the same time, the number of cybersecurity job postings have increased 74 percent over the past five years, according to an analysis of U.S. Bureau of Labor Statistics data. Symantec CEO Michael Brown also recently predicted that there will be six million open cybersecurity jobs by 2019 and 20 percent of those jobs will go unfilled.
CyberVista will launch board and executive training this year that will provide corporate board members and executives with a comprehensive understanding of cyber issues that affect their organizations and impact overarching business risk, as well as the tools to oversee and manage those cyber risks. CyberVista also plans to introduce a cybersecurity certification preparation program for practitioners and IT professionals, as well as a continuing education program for practitioners already in the field or looking to get into it.
About the Zogby Analytics Poll
Zogby Analytics contacted 300 respondents in December 2015. More than half of the respondents are board members, more than half are CEOs, 20 percent are a Chairman of the Board, 10 percent are a Chief Information Officer or the equivalent, 7 percent are a Chief Operating Officer and 5 percent are a Chief Financial Officer. The poll had a margin of error of +/- 5.8 percent.
CyberVista is a cybersecurity training and workforce development company whose mission is to create a cyber-ready workforce through personalized training programs that provide organizations with the people, knowledge and skills required to defend their most critical assets. With parent Graham Holdings Company and sister company Kaplan, Inc.’s innovative education technologies and personalized approach to learning, CyberVista offers a new vision for board, executive, and workforce cybersecurity education. For more information, visit www.CyberVistaInc.com.