Security leaders don’t want to be held personally liable for attacks

Posted by:
Emma Walker
Fri, 27 Dec

New research reveals that many IT experts are hesitant to pursue cybersecurity roles despite lucrative earnings, attributing their reluctance to stories of Chief Information Security Officers (CISOs) being held personally liable for security incidents. The study by BlackFog found that 70% of IT security decision-makers feel deterred from advancing into managerial positions due to the perceived risks associated with the role. A significant concern highlighted was the pressure faced by security leaders, with 34% indicating that failure to report findings could result in internal consequences or public criticism and potential prosecution. Additionally, 44% of companies have implemented measures to minimize cybersecurity risks to avoid regulatory scrutiny, showcasing a growing emphasis on cybersecurity within corporate boards. However, only 10% of respondents noted increased financial resources allocated to cybersecurity efforts. The study underscores the need for clearer governance and incident response procedures to support cybersecurity workers, including CISOs. Despite 49% of respondents believing that individual accountability post-cyberattack would enhance transparency, 15% expressed reservations about pursuing CISO roles in the future due to prosecution threats. BlackFog CEO Dr. Darren Williams emphasized the importance of organizational support to address the evolving cyber risk landscape.
