VP of Cyber Security Strategy
The Executive View of Cyber Security
For more than 40 years, BAE Systems has been applying world-leading intelligence and technology to help organizations protect their IT systems and data in multiple industries worldwide. To better understand how organizations view cyber risks we recently commissioned deep research into the views of executives (C-Suites) and Information Technology Decision Makers (ITDMs). The results were startling, revealing a wide disconnect between how these critical management teams view their security roles. In all, 221 C-Suites and 984 ITDMs from eight different countries were interviewed.
In the US, 80 percent of C-Suites believe cyber security to be a significant challenge, while only 31 percent of ITDMs agree. ITDMs estimated the average cost of a cyber breach at $27.2 million, much higher than the average $5.9 million cited by C-Suites. But both groups agree that a cyber attack on their organization will occur in the next 12 months (60 percent of C-Suites and 66 percent of ITDMs).
In the UK, C-Suite respondents think they spend less of their IT budget on cyber security than their peers – 7 percent of budget, compared to 10 percent worldwide – the lowest figure of any national grouping of C-suite executives.
Views also differed around who would be accountable in the event of an attack, and the nature of the threat their organization was facing. Almost half of C-suite respondents globally (49 percent) think the most likely attackers are hobbyist hackers, while only a third (32 percent) of ITDMs agree, with more (46 percent) thinking that professionals present a greater threat.
With successful cyber attacks regularly making headline news, our findings make it clear that boardrooms and IT teams recognize the risks. However, the disconnect we have uncovered between IT Decision Makers and the boardroom could create gaps for attackers to exploit.
Cyber security has been making a steady climb up the business agenda after many years, but the management perception gap shows a need for even more attention. Putting the right protection and protocols in place to mitigate cyber risk should be top of mind for senior leaders around the world.
About Colin McKinty:
Colin McKinty, VP of Cyber Security Strategy, Americas at BAE Systems, has held various roles at the company in the both the US and UK. Upon completing a Masters of Electrical and Electronic Engineering, he then went on to receive his PhD from the University of Surrey (UK) in 2001. He has spent more than a decade helping a wide range of customers enhance and protect their organizations with information intelligence and advanced analytic tools and processes.
He moved from the company’s HQ in the UK to the US in 2007 to run BAE Systems Applied Intelligence’s federal business, which led to a new role: Cyber Lead for the Americas. This enabled him to focus on supporting organizations in the commercial sector. Since 2013, he has been the driving force behind Applied Intelligence’s success in breaking into the security market in the Americas. Colin has a strong technical background with many years of practical experience developing analytics coupled with the business experience needed to speak with decision makers at all levels of an organization.