Woburn, MA – January 11, 2023 – According to a new report from Kaspersky, 80% of top-tier managers in the U.S. admit that a miscommunication with the IT department or IT security team has resulted in at least one cybersecurity incident in their organizations. In regards to personal attitudes, the majority of non-IT executives cited a diminished sense of cooperation between different teams (43%) and said the situation makes them question their colleagues’ skills and abilities when communicating with their IT-security employees (56%).
A recent Forrester analytics survey found that companies spend an average of 37 days and of $2.4 million to detect and recover from a cybersecurity breach. To determine how much mutual understanding between executives and information security teams affects company’s cyber resilience, Kaspersky conducted a global survey of more than 1,300 business leaders[1].
According to the results of the study, 98% of non-IT respondents experienced miscommunications regarding IT security. With regards to consequences, most often a breakdown in communications leads to serious projects delays (81%) and cybersecurity incidents (62%). Among other negative effects are a wasted budget (73%) and the loss of a valued employees (75%).
In addition, unclear communication with IT-security employees also affects the emotional state of employees and leads to executives questioning the skills and abilities of IT-security employees. 41% executives admit that misunderstandings make them lose confidence in the business’ safety, and 52% reported their lack of confidence in the team makes them nervous, ultimately affecting their work performance.
“Clear communication between a company’s executives and IT security management is a prerequisite for corporate business security,”said Alexey Vovk, head of information security at Kaspersky. ”The challenge is to put oneself in the others’ position and anticipate and prevent serious misunderstandings. This means thatCISOs should know basic business language to better explain the existing risks and need for safety measures. On the other hand, business should also understand that information security is an integral part of business and budgeting for it is an investment in protecting company assets.”
To make the communication between IT security and business functions within a company more transparent, Kaspersky recommends the following:
The full report and more insights on communications issues between C-level and IT security managers is available via the link.
About Kaspersky
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.
Cassandra Faro
Cassandra.Faro@Kaspersky.com
781-503-1812
[1] The research was conducted in October 2022. Interviews from businesses with more than 50 employees were conducted globally with representation across 25 countries.