For many organizations, security flows from the top down. That’s a problem when executives don’t emphasize security as much as they should. Cisco learned as much in its CISO Benchmark Study “Securing What’s Now and What’s Next20 Cybersecurity Considerations for 2020.”Here are just some of the findings from Cisco’s study:A majority (89%) of respondents said that their executive leadership considered security to be a high priority—down from 7% across the preceding four years.A slightly higher proportion (91%) of survey participants revealed that cyber risk assessments featured in the organization’s overall risk assessment processes. That was 5% less than the previous year.Nine in 10 respondents said that their employer’s executive teams established clear metrics for evaluating the organization’s security programs—6% less than the last year.The reason for these findings wasn’t immediately apparent from Cisco’s study. Even so, the networking hardware company suggested multiple factors as an explanation. Among those was the possibility that communication between security teams and executives had become less clear.This possibility raises several questions. What are the main barriers to effective communication around cybersecurity in an organization? And how does this tie into building a great cybersecurity program across people, process and technology?To find out, Tripwire posed these questions to several CISOs and other security directors. Their responses helped to illustrate how CISOs can foster internal communication around potential security issues within the organization and build a strong digital security culture.Dump the God Complex and Get Executive Buy-inChristian Toon, CISO at Pinsent Masons LLP, said that one of the issues hampering effective security communica ..
Support the originator by clicking the read the rest link below.
