Report says cyber security still takes a backseat for major companies

Share this article:

As cyber threats continue to be a nuisance to major companies, senior management has yet to give it the attention it deserves, a recent study finds.

While they are some of the most distinguished enterprises in the world, and considered big targets for cyber attacks, the report indicates that top-level management at the firms still neglect suitable governance over the “security of their digital assets.”

Respondents to Carnegie Mellon University's CyLab Governance of Enterprise Security survey, sponsored by RSA, including CEOs, presidents, corporate secretaries and board chairs from the Forbes Global 2000 list. The report was previously conducted in 2008 and 2010. 

Less than one-third of respondents have implemented basic responsibilities for cyber governance, the survey stated. When it comes to approving roles and responsibilities of privacy and IT security personnel, 66 percent of the companies studied “rarely” or “never” take action.

According to the report, the findings are consistent with the ongoing complaints made by CISOs and CSOs concerning inadequate funding, as 54 percent of respondents typically do not approve annual budgets for security.

Many organizations continue to lack full-time senior-level management dedicated to ensuring privacy and security risks. Less than two-thirds of the companies surveyed have brought on senior-level personnel to fill roles responsible for establishing common practices associated with security standards, the study found.

While the results of the survey primarily highlight the lack of commitment to cyber security, on a positive note, compared to previous years the study was conducted, progress has been made regarding the employment of enterprise risk management (ERM) programs, and an increase in teams that “manage privacy and security issues and risks.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.