Do Executives Take Security Seriously? Survey Says Yes. - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Information Management
03:02 PM
Connect Directly

Do Executives Take Security Seriously? Survey Says Yes.

Our exclusive InformationWeek survey shows that IT and executives are on the same page when it comes to information security threats, policies and more.

Our exclusive InformationWeek survey shows that IT and executives are on the same page when it comes to information security threats, policies and more.Asking a C-level executive if security is important is like asking a politician if they love America. Everyone knows the right answer is "Yes."

But what if you ask the IT professionals whether executives actually back up their politically correct answer with tangible support? We did, and the results surprised us.

According to our survey, 70 percent of IT directors say executives provide meaningful support of security operations. When we asked about examples of that support, 66 percent said infosec leaders get input into critical business decisions, and 57 percent say executives provide sufficient budget.

Frankly, these results surprised us. For one, when have you ever heard IT say it has enough money? For another, security professionals used to wander in the wilderness like Old Testament prophets, their message unheeded by the idolaters in the executive suite.

Why the change? Our survey provides some clues. For instance, both executives and IT directors said industry and government compliance mandates have the most influence on their organizations' security programs. The status of corporate compliance with regulations is the most common information that gets reported to executives.

Programs such as state breach disclosure laws, the Payment Card Industry Data Security Standard and HIPAA have raised the profile of information security because the failure to comply with these and other regulations have consequences that are felt all the way up to the boardroom.

In addition, a string of high-profile security breaches in the past three or four years demonstrate that data theft isn't a phantom menace. When brand-name companies fall prey to targeted attacks, executives notice. In fact, executives say the potential loss or theft of personal information is their top security concern.

The full report is available as a free download here(registration required). It includes all the survey results from 326 C-level executives and IT leaders. It also has our detailed analysis of the IT/executive relationship around security, more than twenty charts, and real-world insights from executives at Vanguard, CIGNA and other leading corporations.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Enterprise Guide to Edge Computing
Cathleen Gagne, Managing Editor, InformationWeek,  10/15/2019
Rethinking IT: Tech Investments that Drive Business Growth
Jessica Davis, Senior Editor, Enterprise Apps,  10/3/2019
IT Careers: 12 Job Skills in Demand for 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/1/2019
White Papers
Register for InformationWeek Newsletters
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Flash Poll