Hacked companies still prioritize innovation over cybersecurity
KPMG found that while 80 percent of organizations acknowledged being hacked, only half have invested in cybersecurity technologies in the past year. The research firm has a theory as to why.
The CIO.com article, “Hacked companies still prioritize innovation over cybersecurity,” quoted Russell Reynolds Associates' Matt Comyns about his thoughts on the importance of hiring security leaders. The article is excerpted below.
Eight out of 10 executives surveyed acknowledge that their companies had been compromised by cyber attacks in the past two years, according to a new study by KPMG. Yet less than half of the 403 CIOs, CISOs and CTOs the firm surveyed said that they had invested in information security in the past year.
Of companies surveyed, 69 percent reported having a cybersecurity leader, such as a CISO, in place. Again, though, a gulf exists between the attention financial services and tech firms pay to cyber versus what their peers in retail and automotive do. For example, 85 percent of both banks and technology companies said they had a CISO or some other position of its ilk compared to 58 percent and 45 percent of retail and automotive companies who fessed up to having a cyber leader.
Matt Comyns, global cybersecurity practice leader for executive recruiter Russell Reynolds Associates, says that some enterprises try to hire average CISOs, or hold off on hiring security leaders entirely because they are in denial about the threat hackers pose toward their organizations. The collective mentality, Comyns says, is one of disbelief that hackers would find their data valuable enough to steal. Comyns says tries to convince them otherwise.
"I still walk in the door of companies searching for a CISO who say: ’Who would come after us, we’re not Target, we’re not Sony?" Comyns says. “I'm not so sure that's the right question."
To read the full article, click here.