Despite attention-grabbing headlines about cyber-threats from external attackers, company bosses in fact see their own employees as the greatest threat to corporate data and computer systems.
That is the view of 53% of respondents to ‘Boardroom Cyber Watch 2013’, an international survey of senior executive opinion conducted by IT Governance, the global leader in IT governance, risk management and compliance expertise.
The threat from employees was ranked ahead of risks from criminals (27%), state-sponsored cyber-attackers (12%) and competitors (8%) by an international sample of 260 board directors, IT directors and other technology professionals polled by IT Governance in April and May 2013.
The survey confirms the high level of cyber-threat facing today’s organisations, with 25% of bosses saying they have received a ‘concerted attack’ in the past 12 months. However, the true total may be higher, as over 20% are unsure if their organisation has been subject to such an attack.
However, many board directors still appear inadequately informed about cyber-risks. While a majority of respondents say their board receives ‘regular’ reports on the status of their organisation’s IT security, 52% say that such reports are received, at best, annually. Only 5% say reports are submitted daily, with 11% being submitted weekly and 33% monthly.