The study, conducted by the Ponemon Institute and sponsored by Ounce Labs, indicates that when it comes to security, there is a gap between the expectations of CEOs and the realities faced by those responsible for implementing it.
For example, 100 percent of CEOs said reducing security flaws within business-critical applications was important or very important, but only 65 percent of C-level privacy and security executives agreed, Ponemon says.
Ninety-three percent of CEOs said identifying and responding to a data breach was important or very important, but only 58 percent of C-level privacy and security executives agreed.
Eighty-seven percent of CEOs said protecting confidential information shared with vendors, business partners, and other third parties was important or very important, but only 48 percent of C-level privacy and security executives agreed.
Although 82 percent of respondents said their organizations have suffered a breach -- and more than half (51 percent) reported attacks occurring on a daily or hourly basis -- 48 percent of CEOs said they believe their organizations are rarely attacked, the study says.
Fifty-three percent of CEOs think the CIO is responsible for data protection, but only 24 percent of other C-level executives hold the CIO accountable for data protection, according to the report. Only 15 percent of executives surveyed felt their jobs would be at risk as the result of a data breach.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.