Do Executives Take Security Seriously? Survey Says Yes. - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Information Management
03:02 PM
Connect Directly

Do Executives Take Security Seriously? Survey Says Yes.

Our exclusive InformationWeek survey shows that IT and executives are on the same page when it comes to information security threats, policies and more.

Our exclusive InformationWeek survey shows that IT and executives are on the same page when it comes to information security threats, policies and more.Asking a C-level executive if security is important is like asking a politician if they love America. Everyone knows the right answer is "Yes."

But what if you ask the IT professionals whether executives actually back up their politically correct answer with tangible support? We did, and the results surprised us.

According to our survey, 70 percent of IT directors say executives provide meaningful support of security operations. When we asked about examples of that support, 66 percent said infosec leaders get input into critical business decisions, and 57 percent say executives provide sufficient budget.

Frankly, these results surprised us. For one, when have you ever heard IT say it has enough money? For another, security professionals used to wander in the wilderness like Old Testament prophets, their message unheeded by the idolaters in the executive suite.

Why the change? Our survey provides some clues. For instance, both executives and IT directors said industry and government compliance mandates have the most influence on their organizations' security programs. The status of corporate compliance with regulations is the most common information that gets reported to executives.

Programs such as state breach disclosure laws, the Payment Card Industry Data Security Standard and HIPAA have raised the profile of information security because the failure to comply with these and other regulations have consequences that are felt all the way up to the boardroom.

In addition, a string of high-profile security breaches in the past three or four years demonstrate that data theft isn't a phantom menace. When brand-name companies fall prey to targeted attacks, executives notice. In fact, executives say the potential loss or theft of personal information is their top security concern.

The full report is available as a free download here(registration required). It includes all the survey results from 326 C-level executives and IT leaders. It also has our detailed analysis of the IT/executive relationship around security, more than twenty charts, and real-world insights from executives at Vanguard, CIGNA and other leading corporations.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

11 Things IT Professionals Wish They Knew Earlier in Their Careers
Lisa Morgan, Freelance Writer,  4/6/2021
Time to Shift Your Job Search Out of Neutral
Jessica Davis, Senior Editor, Enterprise Apps,  3/31/2021
Does Identity Hinder Hybrid-Cloud and Multi-Cloud Adoption?
Joao-Pierre S. Ruth, Senior Writer,  4/1/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Successful Strategies for Digital Transformation
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll