Three-quarters (74%) of CEOs are concerned about their organisations’ ability to avert or minimise damage to the business from a cyberattack—despite 96% of CEOs saying cybersecurity is critical to organisational growth and stability.
Additionally, 60% of CEOs say their organisations don’t incorporate cybersecurity into business strategies, services, or products from the outset, a report from Accenture said.
However, despite agreeing with the role of cybersecurity in an organisation’s growth, 44% of CEOs also shared that cybersecurity requires episodic intervention rather than ongoing attention.
Adding to this reactive stance is the incorrect assumption by more than half, 54% of CEOs, that the cost of implementing cybersecurity is higher than the cost of suffering a cyberattack despite history showing otherwise, the report shared.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
In addition, despite 90% of CEOs saying they consider cybersecurity a differentiating factor for their products or services to help them build trust among customers, only 15% have dedicated board meetings for discussing cybersecurity issues.
The disconnect may be explained by the fact that the vast majority, 91% of CEOs, said cybersecurity is a technical function that is the responsibility of the CIO or chief information security officer.
The report further suggests the role of generative AI could potentially introduce a greater level of advanced security threats that even best-practice cyber defences may not fully address - a thought most CEOs agree with. Nearly two-thirds (64%) of CEOs surveyed said that cybercriminals could use generative AI to create sophisticated and hard-to-detect cyberattacks, such as phishing scams, social engineering attacks, and automated hacks.
However, a small number of executives excel at cyber resilience, accounting for 5% of respondents. These executives use a wider lens to assess cybersecurity across all aspects of their organisations and look towards detection, containment, and remediation of cyber threats faster than other organisations.
Organisations helmed by them suffer fewer breaches, and perform significantly better financially than the rest, achieving 16% higher incremental revenue growth, 21% more cost-reduction improvements, and 19% healthier balance-sheet improvements, on average, the report said.
“The constantly evolving and never-ending threat landscape is creating a wide gap between CEOs’ increasing awareness of the business impact of cyberattacks and their lack of confidence to mitigate them,” said Valerie Abend, global cybersecurity strategy lead at Accenture Security.
The report titled ‘The Cyber-Resilient CEO,’ is based on a survey of 1,000 CEOs from large organisations globally.