Revealing the business disconnect | BAE Systems | International

This website uses cookies. By navigating around this site you consent to cookies being stored on your machine

Blog

Revealing the business disconnect

Cyber Defence Monitor 2017Over the past few years, cyber security has steadily climbed up the business agenda. Today, putting the right protection and protocols in place to defend against cyber risk is front of mind for senior leaders around the world.
 
Our new research, carried out by insight analysts Opinium confirms the importance that business leaders place on the cyber security of their organisations.
 
However, it also shows an interesting disparity between the views of our C-suite respondents and those of the IT Decision Makers (ITDMs). Both groups understand that they face threats, but their understanding of the nature of these threats, and of the way they translate into business and technological risks, can be very different.
 
In total, 221 C-Suite and 984 IT Decision Makers from eight different countries were interviewed for the research. It is interesting to note that the two groups assessed the cost of a successful cyber attack on their business to be dramatically different. IT Decision makers believe that a successful breach could cost around US$19.2m, compared to an estimation of just US$11.6m from board level respondents. Our own experience suggests that these figures could be below the actual costs and may not incorporate the consequential costs of restoration and repair, as well as longer term affects such as loss of trade or fines and regulatory constraints.
 

A global perspective

Views also differed around who would be accountable in the event of an attack, and the nature of the threat their organisation was facing. Almost half of C-suite respondents (49%) think the most likely attackers are hobbyist hackers, while only a third (32%) of ITDMs agree, with more (46%) thinking that professionals present a greater threat.
 
Despite this backdrop, the businesses we spoke to cite confidence in their cyber security measures.
 
However, despite confidence in their people and process, many of our respondents expected that human error by an employee would be the reason an attack on their business would succeed.
 
With successful cyber attacks regularly making headline news, our findings make it clear that boardrooms and IT teams recognise the risks. However, the disconnect we have uncovered between IT Decision Makers and the boardroom could create gaps for attackers to exploit. With regulatory fines starting to become a bigger issue, organisations need to plan ahead and concentrate on bridging the intelligence gap to build a robust defence against this growing threat.
 
BAE Systems Team February 9 2017