Communication gap between C-suite & cybersecurity leaders
New cybersecurity research from FTI Consulting clarifies that while the importance of mitigating cybersecurity risk enjoys broad agreement across industries, a vital communications chasm remains between c-suite executives and cybersecurity leaders. This finding comes as part of the firm's "CISO Redefined" series, which analyses the evolving role of security executives.
In Singapore, a notable 35% of survey participants suggested that cybersecurity leadership could have enhanced their response to a cybersecurity accident by proactively inspecting an incident response plan. Simultaneously, an impressive 88% of those surveyed identified information security and cybersecurity as either a critical or high priority for their businesses, chiefly motivated by concerns revolving around potential revenue loss, preserving customer and client trust, and securing business continuity.
Reflecting these concerns, the bulk of the surveyed organisations (90%) reported allocating larger budgets to information security functions. Besides, 87% of the respondents acknowledged an increased inclusion of information security and cybersecurity issues on the board's agenda while 86% observed heightened media scrutiny over their cybersecurity and data privacy preparedness.
However, despite the surge in cybersecurity threats associated with the hybrid work era and collaboration tools, over one-third of the executives surveyed felt that their cybersecurity leaders are reticent in raising concerns about their organisations' vulnerabilities. This hesitancy, along with discrepancies in understanding the severity and solutions for cybersecurity threats, can lead to trust gaps between the c-suite executives and cybersecurity leaders.
Tom Evrard, Head of Strategic Communications Southeast Asia, said, "Establishing a platform to encourage frank and collaborative dialogue between these parties and other stakeholders is critical." With an increase in the responsibility of Chief Information Security Officers (CISOs), communication is key in navigating the constantly fluctuating threat landscape and regulatory environment.
Eli Serota, Head of Cybersecurity and Data Privacy Communications Asia, revealed that a lack of cybersecurity preparedness could lead to detrimental effects on an organisation's bottom line. He emphasized the need for bridging the trust and communication gap to protect normal business operations.
Additional findings from the survey indicate that 35% of Singapore respondents believed that cybersecurity leadership could enhance their response to an incident by proactively reviewing an incident response plan. Meanwhile, 37% of the organisations raised concerns over the board's understanding of cybersecurity risks. In contrast to global trends, Singapore leaders feel the most substantial pressure on cybersecurity from customers, followed by investors and vendors.
Summarily, enhanced open dialogue and understanding between executives and cybersecurity leaders could be the turning point in reaching successful cybersecurity governance while also ensuring business continuity and customer trust.