June 2, 2021

Does Management understand the risks of IT Security?

Greetings All,

I am preparing a presentation on what I feel is the greatest risk to our CyberSecurity posture and as I have been thinking this over there are just so many targets that come to mind that I could speak on (only have 10-15 mins) but as I ponder it I am starting to believe that the real issue lies with Management understanding.

I do not confidently believe that Management (At least outside of IT) and especially upper management do not have a full and accurate appreciation or understanding of the risks that face the organization. This is ultimately why some urgent things and high risk positions do not get prioritized and corrected. Also, I am more than willing to accept that organizational management can choose to accept any risk they want, but such acceptance is really only good if they have a full and proper understanding of what they are agreeing to and I think often things get lost and/or misrepresented as tings move up the chain.

Now, while it is easy to have this belief, what I am looking for is studies, statistics, etc this validate this stance which sadly my GoogleFu skill level seems to find plenty of companies that want to sell Executive Training, but it is hard to fully trust their data to as it is clearly self serving. I am also willing to be shown I am wrong on this.

In all any thoughts, advice, guidance, references, etc that anyone might want to provide would be appreciated.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.