CISO Trainings , Information Sharing , Leadership & Executive Communication

A Comparative Study on Cyber Risk: Business vs. Security Perspectives: Survey Results Executive Analysis

Insight from David Homovich, Office of the CISO, Financial Services, Google Cloud

Business leaders and security leaders agree on the importance of cybersecurity, but there are significant differences in how the two groups perceive and prioritize the threats and view the role of the other party.

In H2 2023, Information Security Group (ISMG) in partnership with Google Cloud, surveyed 343 senior executives at major enterprises globally, divided into two groups of respondents: cybersecurity professionals and executive board members who are not cybersecurity professionals, to compare and contrast their perspectives on the role of cybersecurity in relation to organizations achieving their business or mission goals.

There is a need for greater communication so that each group might aid the other in their understanding. According to the report, board members’ advice to CISOs reporting to the board includes: "Keep it short and to the point, but don’t pull any punches. They [the board members] need to understand the risk," and, “Don’t provide assurances that you can’t back up and always be honest. Tell the truth.”

In contrast, CISO advice to the board members includes: “No matter how bad the CISO makes it sound, it’s worse,” and, “Listen carefully.”

View this expert analysis interview with David Homovich, Office of the CISO, financial services, Google Cloud, of what both boards and cybersecurity professionals perceive to be the main challenges around communicating cybersecurity risk and addressing or mitigating vulnerabilities.

Download the full report, and use these results to benchmark your organization against competitors, replicate best practices, and avoid common pitfalls.


About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 37 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.