According to a recent report by Palo Alto Networks, an increasing number of CEOs are recognizing that cyberattacks pose a greater threat to their organizations than economic uncertainty. The study, which surveyed 2,500 CEOs from the UK, Germany, France, Brazil, and the United Arab Emirates (UAE), revealed that many CEOs are apprehensive about the unknown risks associated with cyberattacks and surprisingly, a significant number of them do not consider themselves responsible for their organization’s cybersecurity posture.
Despite this lack of responsibility, the report highlights that CEOs remain confident in their level of preparedness for potential cyberattack scenarios. In fact, the majority believe that they are well-equipped to safeguard their firms’ endpoints, despite growing concerns. According to the findings, 51% of CEOs revealed that the rapidly rising risks of cyberattacks keep them up at night.
Interestingly, a considerable portion of CEOs lack awareness about the specific risks their organizations face, with approximately 16% claiming to have a complete understanding of the risks. Additionally, 21% view themselves as wholly responsible for their organization’s cybersecurity, while 24% perceive it as the responsibility of the Chief Information Officer (CIO). However, a significant number of CEOs still consider themselves partially responsible for cybersecurity.
Despite their perceived preparedness, the report indicates that only 36% of CEOs would collaborate with an incident response team in the event of an attack, and 34% would consider paying a ransom in the case of a ransomware attack. It is worth noting that cybersecurity experts and law enforcement agencies strongly discourage paying ransoms, advocating instead for the use of backup solutions, including potentially airgapped systems. Paying ransoms does not guarantee data retrieval or prevent future attacks from the same or different threat actors. Moreover, it contributes to funding future ransomware operations and exacerbates the overall problem. However, many organizations opt for paying ransoms as they perceive it as the quickest way to resume operations.
In conclusion, CEOs are increasingly acknowledging the criticality of cybersecurity in comparison to economic performance. While their confidence in their preparedness is high, there are still gaps in their understanding of the risks and appropriate response strategies.