Are C-Suite Executives Fluent in IT Security Speak? Five Reasons Why the Communication Gap is Wider Than You Think>
MSSP Alert – D. Howard Kass
Data for the report comes from two separate Kaspersky studies. One consisted of some 2,300 C-suite executives and IT security managers in one survey and a second of some 4,300 IT workers as a part of Kaspersky’s global Corporate IT Security Risks Survey.
Combined data showed: 98% of non-IT respondents revealed they have faced at least one IT security miscommunication that regularly leads to bad consequences. As a direct result of miscommunication regarding IT security within their organization, 62% of managers admit it led to at least one cybersecurity incident. 42% of business leaders want their IT security teams to better communicate cybersecurity incident risks and consequences, while most IT workers (76%) say they face no difficulties explaining their work to colleagues and executives. 34% of C-level executives struggles to speak about adopting new security solutions, while 51% of information security workers find it most difficult talking about increasing budget for IT security. 56% of C-levels and 48% of IT workers agree that providing real-life examples is the most efficient method to ease communication on IT security related issues. [The Contradiction] While all surveyed top-managers regularly discuss security related issues with IT security managers more than one-in-ten respondents have never heard of threats such as botnet (12%), APT (11%) and zero-day exploits (11%). At the same time, while spyware, malware, trojan and phishing appeared to be more familiar terms, more than one in ten top managers admit they have never heard of cybersecurity terms like DecSecOps (13%), zero trust (11%), SOC (11%) and pentesting (11%). 33% of non-IT executives in the U.S. said they would not feel comfortable flagging that they don’t understand something during a meeting with IT security. Although most of them hide their confusion because they prefer to clarify everything after the meeting or choose to figure everything out by themselves, 36% of manager don’t ask additional questions because they don’t believe the IT peers can explain it in a clear way. 43% reported they feel embarrassed revealing they don’t understand the topic and don’t want to look ignorant in front of IT colleagues.
Link: https://www.msspalert.com/cybersecurity-research/are-c-suite-executives-fluent-in-it-security-speak-five-reasons-why-the-communication-gap-is-wider-than-you-think/