Maidenhead, UK, Oct. 26, 2022 — Over
half (54%) of office workers would reconsider working for a company
that had recently experienced a cyber breach. That’s according to a new
study by cybersecurity technology provider,
Encore.
An independent
study of 100 C-level executives, 100 Chief Information Security
Officers (CISOs) and 500 office workers in the US and the UK, conducted
by Censuswide, sought to uncover the gap that remains between
boards and security teams when it comes to addressing cyber demands.
Only a third (33%) of staff said they would be “completely unphased” if their employer suffered a cyber break-in.
The majority
(57%) of C-level executives polled said they have been breached in the
last 12 months alone. Most office workers, however, were unaware, with
only 39% believing their organisation had been the victim
of a successful attack.
“The immediate
financial cost of a cyber-attack remains the number one concern for
businesses,” said Brendan Kotze, CEO and Co-Founder at Encore. “But
security teams are learning that there is a long tail to these
breaches, with employees at risk of losing faith in their company, its
ethics and values and its overarching responsibilities to the general
public. In a competitive market, this is a stark warning to businesses
across the world. Keeping your staff in the
dark about cyber risk is a fundamental error, not to mention the
additional impact of delayed disclosure to customers.”
Almost half
(41%) of C-level executives polled named reputational damage as one of
the biggest costs to their business following a cyber-attack, with 34%
agreeing that loss of clientele or their trust was a significant
cost.
Despite many
admitting to suffering a cyber breach in the last year, the overwhelming
majority (92%) of CISOs and C-level executives polled believe their
business is secure at any given moment. Kotze believes
that a mindset shift is needed at an organisational level, treating
cyber incidents and the security of employee and customer data as a
fundamental part of normal business operations, not a function that sits
on the outside, looking in.
“There is a
very real problem of security feeding a false sense of confidence,” he
continues. “This is a risk that must be addressed through data and
reporting. All too often, we see C-level executives treat their
security investments as a sure way of securing their business against
persistent and motivated attackers. Security or being ‘Cybersafe’ is not
something you can measure at a single point in time – it needs to be an
ongoing effort.”
Kotze
concludes: “Being able to instil confidence in a wide range of
stakeholders, from clients to investors to staff, is fundamental to the
modern business. Trust is the bedrock of success and should be the same
for security as it is as a business enabler. If all companies prepare
and respond to threats as if their existence (or at least a very
substantial part of it) is at risk, our chances of blocking or swiftly
responding to attacks is considerably higher. Cybersecurity
is no longer enough; we need to channel Cyber Safety to build
resilience and establish trust both internally and externally.”
To further explore the true cost of cyber breaches, please find the full research report here:
https://www.encore.io/the-true-cost-of-cyber-ebook?utm_source=pr&utm_campaign=encore-cyber-ebook&utm_id=cyber-ebook
About Encore
With more than
25 years’ experience providing professional services and cyber security
consulting for the largest companies in the world, we brought this
knowledge to Encore, the leader in internal and external
cybersecurity (CAASM and EASM). Our team is comprised of offensive
security experts and security engineers, and consultants that know the
mindset and tooling of the attackers, the internal operational
obstacles, the challenges faced by security management
and how to get the most out of security tooling.
Encore
visualises information that can be confusing and often overwhelming,
providing accurate and action-based reporting and visibility across
numerous security controls, through one secure portal.
For more information, or to get in touch, visit our website:
https://www.encore.io
