IT admins are getting increasingly frustrated at non-IT bosses not knowing their stuff
The majority of non-IT leaders are overestimating their organization’s abilities
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
The majority (60%) of non-IT C-suite leaders are “very” or “extremely” confident in their organization’s ability to prevent, or stop, a destructive cyberattack in the next 12 months, new research has claimed.
However, a report from cybersecurity experts Ivanti found their IT peers think differently, causing frustration and suggesting that non-IT leaders don’t really understand the risks cyberthreats actually pose. In fact, less than half (46%) of IT professionals are equally confident.
The two sides have aligned in terms of vulnerability management. The majority of IT and security pros (55%) believe their peers don’t fully understand it, which is something 47% of the non-IT agrees with.
Failure to communicate
“When leaders don’t understand vulnerability management, they may not realize how changing leadership priorities can impact the security of their organization,” Ivanti argues. “In fact, more than 1 in 4 IT professionals say patch management is undermined by changing leadership priorities.”
The two sides have disparate priorities, Ivanti further notices. Non-IT execs are more focused on financial, legal, and reputational impacts than their IT peers. For example, a quarter (24%) of executive leaders label the reputational impact of cyber risks as ‘high’ compared to only 15% of CISOs.
For Mike Riemer, Field CISO at Ivanti, it’s the CISOs duty to “effectively communicate” the actual risks their organizations are faced with. “The threat landscape is growing increasingly volatile and unpredictable and CISOs are tasked with enabling employees to remain productive and secure,” he said. “The success of the CISO organization is imperative to ensure the success of the entire organization, which explains why cybersecurity has elevated to being a board level discussion.”
Over the past two years, cyberthreats have gotten significantly more complex, largely due to the introduction of generative artificial intelligence (genAI), Ivanti concludes. Today, almost a third of CISOs don’t have a documented strategy that addresses the elevated risk.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
More from TechRadar Pro
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
Cisco issues patch to fix serious flaw allowing possible industrial systems takeover
Washington state court systems taken offline following cyberattack
Your doctor may have an AI assistant taking notes during your next Zoom call