CIO OPINION
However , there is a significant gap between awareness and action , with only 53 % of respondents stating that their C-suite leaders are highly engaged in cybersecurity matters .
Cybersecurity training should be an ongoing process that keeps the C-suite updated on the latest threats , trends , and best practices , and encourages them to actively participate in cybersecurity initiatives .
This suggests that while the C-suite acknowledges the severity of cyber risks , there is room for improvement in terms of their active involvement in cybersecurity strategies and decision-making .
Cybersecurity is not just an IT issue ; it is a business risk that requires leadership engagement and an initiative-taking approach to safeguarding the organisation ’ s critical assets , including its reputation and financial well-being .
The report highlights importance of cybersecurity education and training for the C-suite . While 84 % of the surveyed IT decision-makers believe that their C-suite executives understand the cyber risks associated with email , only 39 % believe that their C-suite leaders have a good understanding of email security best practices .
This underscores the need for continuous education and training on cyber risks and best practices , especially for C-suite executives who may not have a technical background .
Organisations should prioritise cybersecurity awareness programmes that cater to the C-suite and provide them with the necessary knowledge and skills to make informed decisions about cybersecurity strategies , investments , and risk mitigation measures .
The report indicates importance of cyber risk governance and accountability in the C-suite . According to the survey , 60 % of the respondents believe that their C-suite executives are held accountable for cybersecurity incidents in their organisations . However , only 29 % of the respondents believe that their C-suite leaders have clear metrics and KPIs to assess the effectiveness of their cybersecurity programmes .
This indicates the need for organisations to establish robust cyber risk governance frameworks that clearly define roles , responsibilities , and accountability for cybersecurity at the C-suite level .
C-suite executives should be empowered with the necessary authority and resources to effectively manage cyber risks and hold them accountable for the outcomes . This includes setting clear metrics and
Only 29 % of respondents believe their C-suite leaders have clear metrics and KPIs to assess the effectiveness of cybersecurity programmes .
www . intelligentcio . com INTELLIGENTCIO AFRICA 39