One-in-three executives think that the chief information security officer (CISO) in their organisation is making the situation around cybersecurity risk sound better than it is, new research has found.
The survey also revealed that a similar proportion of senior executives perceive their CISOs as being hesitant to raise potential vulnerabilities to leadership's attention.
Carried out by FTI Consulting, the survey also found that Irish and UK leaders feel the greatest pressure on cybersecurity from regulators, followed by customers and then investors.
With pressure around cyber resilience growing all the time, the survey found 93% of Irish and UK business leaders see cybersecurity as a top priority for their organisation.
Meanwhile, over 80% of organisations see increased demands to demonstrate cyber readiness and preparedness.
As a result, eight out of every ten Irish and UK organisations are increasing the decision-making powers of their CISO, the study found.
"As organisations navigate a regulatory and business environment that is pushing for greater board and leadership oversight of cybersecurity, robust engagement between senior leaders and CISOs will be essential to satisfy stakeholders that cybersecurity risk is being addressed at the top level of the organisation," said Jonathan Neilan, Senior Managing Director at FTI Consulting.
"Regular cybersecurity briefings, clear roles and procedures around incident response, together with robust testing of response plans can all help to build trust and confidence across the C-suite and cybersecurity teams."
The international survey of 787 C-suite executives at organisations with more than 500 employees also found that 86% of organisations have increased their cybersecurity budget in the past 12 months.
Meanwhile, nine out of ten respondents claimed they have experienced a cyber incident in the last year.
Most leaders also said they believe that their CISOs require communications training, with more than half flagging this as an immediate priority.
"Our study highlights the ongoing challenges for CISOs as they evolve from technical gatekeeper to holding greater responsibility for overall organisational risk and resilience," said Orla Cox, Head of Cybersecurity Communications for EMEA at FTI Consulting.
"This wider remit means that an effective CISO must build trust across business leaders, senior leaders and the board, and prioritise refining their communication skills as much as their technical skills."