The C-suite and board have critical roles in defending their firms against cyber-crime, highlights a new report published by The Economist Intelligence Unit (EIU).
"Data Security: How a Proactive C-Suite Can Reduce Cyber-Risks for the Enterprise," sponsored by Oracle, includes findings from a global survey of 300 C-suite executives conducted in February-March of 2016.
A primary driver of success was the adoption of a proactive cyber-defense strategy. The 28% of firms that prioritized this approach were able to cut the growth of cyber-breaches by more than 50%.
Another significant factor of success was the active support of this strategy by the C-suite or board of directors. Companies that pursue a proactive cyber-defense strategy strongly supported by C-suite and board have cut the growth of eight major cyber-attacks by an average of 53%. This includes reduction of the growth of hacking by 60%, ransomware by 47%, and of malware attacks by 40%.
Successful firms were also more than twice as likely to include security personnel in strategic planning, and 56% more likely to maintain a standing board committee on cyber-security.
“Cyber-criminals are now targeting all parts of the enterprise, probing for weaknesses and penetration points,” says West Coghlan, the editor of the report. “All parts of the organization need to be educated and mobilized as part of an effective defense. Only the C-suite or board can provide the leadership and authority to make this proactive, cross-enterprise strategy work. Cyber-security cannot be pursued as an isolated IT initiative—it requires the active leadership of the C-Suite and Board of Directors to reduce the rate of attacks on the firm.”