Study: Executives offer reassurances in face of security blindness

Like the captain of the Titanic who thought he was invincible – until he wasn't – senior executives in major US companies are fooling themselves about cyber-security.

That's according to a study by RedSeal which found that 60 percent of executives surveyed said they could “truthfully assure the board beyond a reasonable doubt” that their organisation was secure.

While on the surface it sounds reassuring, it flies in the face of statistics which show that 97 percent of systems have been breached.

However, even ignoring that, the study indicated internal inconsistencies in respondents' perception of risk as 86 percent revealed that there were gaps in their ability to see and understand what's really happening in their networks.

Further blinding them to what was happening in the network, 84 percent said that disparate groups, products and technologies within the organisation operate within their own ‘silos', each creating its own security-risk profile.

One might ask, how can you secure what you can't see – a question that 79 percent of the survey respondents were asking themselves. As a consequence, 71 percent conceded that they “don't know for a fact that [their] networks are currently under attack by hackers”.

RedSeal said the study reveals perceptions about how strategic, or not, security is to CEOs, CIOs, CISOs and CSOs of various organisations in the US, findings that could equally apply to the UK.