some think this is because the topic is complex and constantly changing , many believe the C-suite either doesn ’ t try hard enough ( 26 %) or doesn ’ t want ( 20 %) to understand .
There ’ s also disagreement between IT and business leaders over who ’ s ultimately responsible for managing and mitigating risk . IT leaders are nearly twice as likely as business leaders to point to IT teams and the CISO . A total of 49 % of respondents claim that cyber-risks are still being treated as an IT problem rather than a business risk .
This friction is causing potentially serious issues : 52 % of respondents agree that their organization ’ s attitude to cyber-risk is inconsistent and varies from month to month .
However , 31 % of respondents believe cybersecurity is the biggest business risk today , and 66 % claim it has the highest cost impact of any business risk – a seemingly conflicting opinion given the overall willingness to compromise on security .
49 % of respondents claim that cyberrisks are still being treated as an IT problem rather than a business risk .
There are three main ways respondents believe the C-suite will sit up and take notice of cyber-risk :
• 62 % think it would take a breach of their organization
• 62 % think it would help if they could better report on and more easily explain the business risk of cyberthreats
• 61 % say it would make an impact if customers start demanding more sophisticated security credentials
Trend Micro commissioned Sapio Research to interview 5321 IT and business decision makers from enterprises larger than 250 employees across 26 countries . p
www . intelligentcio . com INTELLIGENTCIO LATAM 29