137 0 Kommentare FTI Consulting Study Reveals Significant Communications Gaps Between CISOs and C-Suites Despite Increased Focus on Cybersecurity

Findings Indicate Nearly One-in-Three Executives Believe their CISOs Hesitate to Inform Leadership of Potential Vulnerabilities, Creating Organizational Risk

WASHINGTON, March 26, 2024 (GLOBE NEWSWIRE) -- FTI Consulting, Inc.’s (NYSE: FCN) Cybersecurity & Data Privacy Communications practice today released the second installment of its “CISO Redefined” series, CISO Redefined: Navigating C-Suite Perceptions & Expectations, which reveals that, despite broad agreement on the increasing importance of mitigating cybersecurity risk, a communications gap persists between the C-suite and cybersecurity leaders. Up against a rapidly evolving risk landscape, new regulatory requirements and increased stakeholder scrutiny, executives are ramping up cybersecurity investments, but still perceive their chief information security officers (“CISOs”) as falling short on key communications imperatives, which can directly impact an organization’s bottom line and reputation.

“Security is a shared goal for these leaders, but what we have seen from our past two studies is that they’re communicating past each other,” said Meredith Griffanti, Global Head of FTI Consulting's Cybersecurity and Data Privacy Communications practice. “When the CISO speaks in technical jargon, the C-suite and the board don’t understand it, which can lead to the CISO feeling the need to make things sound simpler – or better – than they actually are. This can leave business leaders in the dark about serious vulnerabilities.”

The C-suite study summarizes findings from a survey of nearly 800 C-suite executives spanning seven sectors across nine countries. FTI Consulting’s first installment of the “CISO Redefined” series, released in 2022, took the inverse approach and surveyed CISOs. Both studies confirmed mounting leadership expectations for CISOs and associated communications challenges.

According to the C-suite study, 94% of C-suite executives surveyed believe cybersecurity issues increased in prominence over the past 12 months, and a majority deem cybersecurity a critical or high priority. Executives are allocating funds to reflect this new reality, reporting an average increase of 23% in cybersecurity budgets over the next one to two years, and 36% in the next three to five years.

Key findings from the “CISO Redefined” series confirm a communications gap amongst C-suite executives and CISOs:

A notable 66% of CISOs felt senior leadership struggles to fully understand their role within the organization, whereas 31% of C-suite executives expressed difficulty understanding the tangible return on cybersecurity investment.
While 82% of CISOs felt a need to make things sound better to the Board, 31% of C-suite executives believe their CISOs paint a brighter picture than the reality – and 30% felt CISOs are hesitant to raise concerns about their organization’s vulnerabilities.
As far as organizational alignment, 58% of CISOs confirmed they struggle to translate technical language to senior leadership in a meaningful way. Meanwhile, 28% of C-suite executives believed their CISOs have a hard time translating technical terms into business terms, and 30% reported this difficulty when it comes to CISOs expressing cybersecurity risk in financial and material terms.
While the research points toward a lack of trust and understanding, it also suggests significant leadership buy-in on solutions to help bridge the gap. In fact, 98% of C-suite executives surveyed supported more funding for CISO communications and presentation training, with nearly half characterizing this need as immediate.

To address this disconnect as well as the demand for actionable solutions, FTI Consulting created Secure Your Seat, a communications and presentation training program designed to sharpen CISOs’ skills for effectively engaging with Board and C-suite leaders to limit risk and close their cybersecurity communications gap.

Seite 1 von 2

Seite 2 ►