Cybersecurity, IT managers point the finger at top management

According to Trend Micro's findings, for 93% of managers, companies do not give adequate weight to IT security and consider it “secondary” to digital transformation and productivity. And even 77% report pressures: the "rule" is to minimize the severity of IT risks to the board of directors 17 Nov 2021 L. O.

The "splits" within the company structure are paid for. Especially in terms of cybersecurity. It emerges from the Trend Micro report that 93% of Italian IT managers say their company would be willing to compromise on cybersecurity, to favor other areas such as digital transformation or productivity. In addition, 77% feel pressured to minimize the severity of IT risks before their board of directors. Index of topics • Cybersecurity minimized by executives • The reasons behind the "gap" • Hacker attacks, the impact on costs

Cybersecurity minimized by executives

“IT managers often mediate in front of boards for fear of appearing repetitive or too negative, with nearly a third saying this is constant pressure. But this only perpetuates a vicious circle in which company managers remain partially informed about the real cyber risks, "says Alessandro Fontana, Head of Sales at Trend Micro Italia. “We need to talk about the dangers, in order to understand how cyber security is a fundamental engine for business growth. We need to create a system, between IT and corporate managers, after all they are both fighting for the same cause. "

The reasons behind the "gap"

Research reveals that only 51% of IT managers and 37% of business leaders believe executives fully understand IT risks. Some think it is due to the fact that the topic is complex and constantly evolving, but many believe that managers do not try hard enough (30%) or do not want to understand (12%). IT and business leaders also disagree over who is ultimately responsible for managing and mitigating risk. IT managers who point to IT teams, and the CISO, are twice as many as business leaders. In any case, 55% of respondents say that cyber risks are still treated as an IT rather than a business problem. A situation that could cause serious problems, also considering that 58% of respondents agree that the attitude of their organization towards IT risk is inconsistent and varies from month to month.

Hacker attacks, the impact on costs

However, cybersecurity is the biggest business hazard today for 27% of respondents, while 57% say it has the highest cost impact than any other business issue, a view contrary to the general will of compromise on safety.

The sample indicates three main situations that could lead business leaders to consider IT risk management as a priority: 67% think that a breach of their organization would be needed, 62% say that consideration would increase if customers started asking for credentials for more sophisticated security, 59% believe it would be useful to have better tools to make people understand the danger that the company faces from cyber threats.