Independent researcher Ponemon Institute has found that 51% of businesses employ IT staff to filter negative data before filing security risk reports to C-level bosses (CFO, CEO etc).
A report sponsored by FireMon titled ‘Security Metrics to Manage Change: Which Matter, Which Can Be Measured’, revealed that nearly three quarters (71%) of those who responded said communication exists at a level too low – or solely after a security issue has already taken place.
The report featured responses from almost 600 IT staff members from risk management, compliance, and IT security divisions of prominent firms.
It concluded that the lack of communication highlights the issues when coming to a conclusion on data’s level of security.
Professor John Walker, who lectures in the School of Science and Technology at Nottingham-Trent University, acknowledges the communication issue, saying that he has observed it at a number of businesses he has consulted. Walker said:
“It comes down the fact that people tend to be more worried about their bonuses than actively communicating the scale of the problem to their managers. The solution needs to come from the board itself, and foster a better understanding the challenges the IT security department faces on a day-to-day basis.”
CEOs hearing of this report will likely insist that they be made aware of any information with regards to potential risks, or they may be posting ads for cyber security jobs in a bid to improve the communication channels within the company.
Send us your CV and have our recruiters match you to the ideal opportunities
Do you already have an account with us?
Log inWant to have an account with us?
RegisterWant to just send us your CV?
By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.