While CISOs are pointing a finger directly at the workforce as their primary concern, citing that a lack of employee education and diligence represents the greatest threat to the security of the corporate IT infrastructure. CEOs disagreed, believing that external phishing attacks represent the largest threat to the organization and that the company has sufficient time and resources to adequately train and educate their employees to effectively mitigate threats.
“These results should be a wakeup call for every organization to demand better alignment between the executives charged with protecting their most vital assets. The idea that there are such disparate views on the crucial threats facing the company between two members of an executive team is discouraging to say the least,” said Patricia Foye, Sr. Vice President, Marketing, at CORE Security. “CEOs need to bring their security teams into the mainstream of day-to-day operations. Security and continual risk assessment should be woven into the fabric of operational reviews and should be an agenda item at the Board of Director level.”
With more than 60 percent of CISOs responding that they are very concerned about their IT systems experiencing a breach, it was somewhat surprising that only slightly more than half have ever tried to compromise their own networks to test the effectiveness of their security. In sharp contrast, only 15 percent of CEOs were very concerned about their network being attacked. Yet despite their confidence, 65 percent of CEOs still admitted to not having the sufficient data needed to interpret how security threats translate to overall business risk.
About CORE Security
CORE Security is the leading provider of predictive security intelligence solutions for enterprises and government organizations. We help more than 1,400 customers worldwide preempt critical security threats throughout their IT environments, and communicate the risk the threats pose to the business. Our patented, proven, award-winning enterprise solutions are backed by more than 15 years of applied expertise from CORE Labs, the company’s innovative security research center. For more information, visit www.coresecurity.com.