Printed from

Many execs say they underachieve on cyber resilience

Posted On: Jun. 19, 2018 1:23 PM CST

Many execs say they underachieve on cyber resilience

Many executives feel they are not doing as well as they could be in applying lessons from cyber incidents, says a survey issued Tuesday.

The London-based Economist Intelligence Unit conducted a global survey of 452 large-company board members, C-suite executives and directors on the issue of cyber resilience in March that was sponsored by Willis Towers Watson P.L.C. A third of the respondents said they had experienced a serious cyber incident in the past year.

The executives were asked to rate themselves on scale of one to five relative to their peers on 10 areas of cyber resilience, with five considered “well above average.” Only 13% gave themselves the highest “5” rating on the issue of learning from their failures.

“Two other areas in which executives see a deficit are the ability of their organizations to identify and fill gaps in cyber talent along with the capacity to develop a cyber-savvy workforce,” with 14% and 15%, respectively, giving themselves the highest rating, said the survey report How Boards Can Lead the Cyber-Resilient Organization.

Among other survey results, asked who at the board now oversees cyber, 19% responded a specialized cyber committee and 33% the board as a whole.

The survey found that the average spent on cyber resilience is about 1.7% of revenue, with 50% saying this should be increased by 10% or less, and another 23% said by more.

Asked how new spending on cyber resilience should be allocated per dollar, respondents said 20 cents should be spent on technology to harden cyber defenses, while insurance to cover damages in the event of a breach came in last among the proposed answers, at 14 cents.