CEOs should be held accountable for data breach — survey

Report shows 36% of IT leaders in the UAE are not revealing attacks to senior leadership

Gulf News

Dubai: More than 50 per cent of information technology decision makers and office workers in the UAE believe chief executive officers should be held accountable for a significant data breach, VMware revealed in a new report from market research agency Vanson Bourne.

However, more than a third (36 per cent) of information technology decision makers admitted to not actually disclosing a significant data breach to senior management.

The agency polled 1,700 IT decision makers and 3,500 office workers in companies with more than 1,000 employees in the UK, France, Germany, The Netherlands, Belgium, Italy, Nordics (Sweden, Norway, and Denmark), Russia and the Middle East (Saudi Arabia and UAE) using a hybrid approach of telephone and online interviewing during March 2016.

Rasheed Al Omari, Business Solutions Strategist at VMware MENA, said that lack of full disclosure indicates that those held accountable for the business do not have the full picture when it comes to the risk posed by breaches.

This is also reinforced by additional research by the Economist Intelligence Unit earlier this year, which revealed that, just eight per cent of EMEA corporate leaders consider cyber security a priority for their business.

“As cyber attacks intensify and become more damaging for organisations, including a loss of intellectual property, competitive positioning, and customer data, the potential impact of this disconnect to performance and brand is significant,” Al Omari said.

He said the disconnect between business leaders and IT decision makers is symptomatic of the “underlying challenge” faced as organisations seek to push boundaries, transform and differentiate, as well as secure the business against ever-changing threats.

The findings show businesses are coming under increasing threat from serious cyber attacks, with around two thirds (64 per cent) expecting to be hit in the next 90 days.

With the complexities of an increasingly digital business world, Al Omari said current security methods may not be keeping pace. In fact, almost a quarter (23 per cent) of decision makers in the UAE believe one of the greatest vulnerabilities to their organisation to a cyber attack is threats moving faster than their defences.

“Today’s most successful organisations can move and respond at speed as well as safeguard their brand and customer trust. With applications and user data on more devices in more locations than ever before, these companies have moved beyond the traditional IT security approach which may not protect the digital businesses of today,” he said.

Some of the “greatest vulnerabilities” to an organisation’s security stem from within the organisation, with employees who are careless or untrained in cyber security the greatest security challenge their business faces (cited by 40 per cent of decision makers in the UAE).

The research also revealed that the steps employees are willing to take to increase productivity, with over a third (39 per cent) using their personal device to access corporate data and almost two thirds (37 per cent) would risk being in breach of the organisation’s security to carry out their job effectively.

“Forward thinking organisations understand that the reactive security of today is no longer doing its job of protecting applications and data. By taking a software-defined approach to IT that ensures security is architecture in to everything, these businesses have gained the flexibility required to both secure and succeed as a digital business,” he added.

Loading...