As the issue of cybercrime is on the rise, it will not disappear until people realise that it is something that needs to be looked at. Now, it has come to light that South African chief executives should be held accountable for cyber breaches.

This is according to a national survey of IT executives, conducted by VMware. 35% of IT decision makers believe that “C-level executives or corporate boards should be held accountable for cyber security lapses”, with only 16% of respondents saying that those top level executives are bothered with paying attention to cyber security issues.

According to Matthew Kibby, regional director of VMware in Sub-Saharan Africa,

The issue around accountability is symptomatic of the underlying challenges facing business as they seek to push boundaries, transform and differentiate, as well as secure the business against ever-changing threats.

And he’s not the only one to think so. Marthinus Engelbrecht of NEWORDER makes a note that when it comes to a secure IT environments, managerial mindset often poses the biggest threat.

It would seem logical that management in any business would understand that building a secure organisation is important to business continuity, long-term success and sustainability. Unfortunately, in many organisations, IT security is still seen as an IT issue and not a business one.

Management first of all does not understand the impact of information security, and secondly does not understand how to justify the cost associated with protecting their corporate IT environments.

The impact of security and confidentiality breaches can make or break an organisation.

It’s not just the finances at stake. Aside from the costs associated with resolving a security incident, especially if it leads to litigation, and the financial burden of fraud, other factors can severely damage an organisation’s ability to operate or damage its reputation beyond recovery.

There’s also the common mindset is that if there are firewalls, intrusion detection systems and antivirus programmes in place, IT security is taken care of.

This is a naive approach that leaves a company, its systems and data as vulnerable as if there were no interventions in place.

So what is the solution to all this? NEWORDER has the answer:

Once again with our PWN offering we provide management a cost effective solution to have insight into the state of their IT security without having to worry about it. Providing them a tool-set to be accountable for IT security.

[source: fin24]