The Government’s FTSE 350 Cyber Governance Health Check report highlights the challenges faced by CISOs working in those companies.
One of the report’s key findings was that many FTSE 350 boards still don’t understand either the risks or the potential impacts a cyber attack could have on their business.
Just 16% of the companies surveyed said that their boards have a comprehensive understanding of the impacts of an attack. Conversely, the same report shows that 96% of companies have a cybersecurity strategy in place, suggesting that to many boards the introduction of such plans is just a box-ticking exercise.
In this age of growing cyber risks and daily reports of breaches, the need for effective cybersecurity has never been greater, but according to the report, just 46% of companies have a dedicated cybersecurity budget in place.
We hear from CISOs all the time that one of their biggest challenges is getting buy-in from their boards. These statistics show just how much of a challenge this can be. If just 16% of boards in the FTSE 350 still struggle to understand the implications of an attack and the need for cyber security measures, then why would they release the funds or provide the support a CISO needs to do their job?
Many boards still believe that an annual penetration test is good enough, but cyber risk is constantly changing, with new vulnerabilities being discovered all the time.
How can a CISO convince a board that it needs to invest in tools that are always on and always ready to be deployed when needed?
Security teams need a way to clearly demonstrate to stakeholders the need to invest in and encourage an organisation-wide, cyber-aware culture. Tools like CyberScore™ can help by:
We understand that being a CISO is an incredibly challenging role, which is why CyberScore is designed to be easy to use so it doesn’t eat into your time and resources. For more information about CyberScore and to request a demo, visit https://xqcyber.com/contact/take-a-look-at-cyberscore