Maria Korolov of CSO Online discusses how cyber security is on the agenda for 80% of corporate boards these days:
“It’s become a really serious issue,” said Chris Wysopal, CTO and co-founder at Veracode, a security vendor. “It’s not just an IT issue, or a policy issue, or a compliance issue. It’s becoming a corporate risk issue.”
According to the survey, the board members held the CEO primarily responsible for cybersecurity, with the CIO as the second-most responsible executive.
One example of this is last year’s resignation of Target’s CEO and CIO after that company’s highly-publicized data breach.
This bodes well for corporate security, he said.
“That means you’re going to see the security get a larger budget,” he said. “But also, more importantly, be an issue that the whole company is going to be charged with solving, not just the IT department or CISO.”
However, 66 percent of board members are not confident of their companies’ ability to defend themselves against cyberattacks. Only 4 percent said they were “very” confident.
There is going to be a tipping point where corporate boards finally realize its time to start healthy, reoccurring funding for cyber security defense. In most cases it is due to a breach, but I feel like there will be a much broader disaster-of-sorts leading to a sudden change in attitude towards the security team.