With Cyber Security Awareness month fast approaching, information security professionals and data protection managers will be looking at how to secure board-level buy-in for company-wide cybersecurity awareness campaigns. Often, this is the biggest hurdle for any cyber awareness campaign as senior leadership weighs the costs and benefits of investing in the security of their business.

Today we will be looking at some top tips for changing the tide on board-level buy-in.

What are the obstacles to Board-level buy-in and how to address them?

According to a study, by AT&T, board members covet data security as their number one concern, however, 75% of these boards do not actively put stock into internal cybersecurity campaigns.

With average data breach costs soaring to $4.4 million in 2022, the need to elevate cybersecurity initiatives on the boardroom agenda is increasing.

Why is there an understanding of the importance of cybersecurity awareness but no impetus to follow up with company-wide campaigns and initiatives?

1. Monetary Hurdles

Cybersecurity awareness providers can use behaviour research tools and surveys to properly assess what areas of your company need to be addressed with training and development. This can then help you to present where and what your budget needs to be spent on, thus reassuring board members with facts and actionable insight and analysis. By doing this, you also instantly involve board members in the decision process.

2. Fear of change

One of the biggest hurdles to board buy-in is the fear of change and the comfort of following a tried and tested formula. People don’t like change and breaking leadership habits is very difficult to do.

In order to break this status quo, you need to increase board members involvement in security activities and simulations, especially considering recent developments in cybersecurity regulations.

When you do (Read more...)