High-profile data breaches made most CEOs re-examine security programs
There has been increased board- and C-level interest in information security programs in light of recent high-profile data breaches such as those affecting Sony, Anthem and JP Morgan, the results of a Netskope survey have revealed.
As the severity and consequences of data breaches intensify, Netskope surveyed a hundred information security professionals attending RSA Conference 2015 and found the majority of respondents’ board of directors and CEOs have taken active interest in understanding and improving their company’s security programs.
“As more information is disclosed and media follow every detail of mega breaches, there’s an incredible amount to learn,” said Sanjay Beri, co-founder and CEO, Netskope. “But for all the information available, we were curious to know if the impact of those breaches was enough for board members and CEOs to move the needle in the boardroom. I’m encouraged knowing that recent high-profile data breaches have incited conversations between board-level decision-makers and security teams, and action is being taken to prevent similar breaches.”
The survey – which provides a snapshot of how security decisions are currently being made – offered up these conclusions:
Elevated executive interest
In light of recent data breaches, Netskope found 13.6 percent of cloud app users currently use compromised account credentials at work. The impact of breaches often linger beyond the immediate attack, and executives are increasingly looking to mitigate that risk. The survey revealed that 69 percent of respondents’ CEOs or boards of directors have asked their security teams about specific security policies in the wake of recent high-profile breaches.
All technology up for discussion
Of those 69 percent of respondents, 28 percent of boards and CEOs have asked specifically about security of Cloud or Software as a Service (SaaS) technologies. 27 percent have asked about mobile device security and network security, demonstrating executives are not focused solely on one area of security, rather, they aim to gain a holistic understanding of security programs in general.
Walking the walk
Enterprises use an average of 730 cloud apps, however 90 percent of those apps are not enterprise-ready, according to the Netskope Cloud Confidence Index. As cloud app adoption continues to skyrocket, enterprises must have the visibility into the cloud technologies in use by their organizations. 65 percent of respondents report they have changed, or plan to change cloud-specific security methods since the Anthem security breach. More than half (52 percent) of respondents confirmed that cloud-specific security methods have changed as a direct result of CEO or board-level conversations.