Only seven percent of IT security leaders report direct to the CEO
New research from SOC specialist LogRhythm finds that just seven percent of security leaders are reporting to the CEO, and only 37 percent say they or someone in their security function reports to the board of directors.
In addition 53 percent of security leaders claim their senior leadership doesn't understand their role, and 51 percent believe they lack executive support.
The report -- based on a survey of over 1,400 chief information, technology and security executives -- also reveals that organizations are spending on average $38 million on security activities, but 63 percent of security leaders surveyed say this is insufficient to invest in the right technologies.
"While security leaders are assuming more responsibility than ever before, they lack the necessary organizational visibility and influence to effectively build and mature their security programs," says James Carder, chief security officer of LogRhythm. "Comprehensive cybersecurity programs are integral to the success of an organization. This research should spur CEOs to take accountability for safeguarding their organization's sensitive information, prioritize the security program by elevating the security leader and ensure inroads between security decision-makers, the C-suite and the board."
The research also shows that working from home has created major security challenges. Less secure home networks are used by employees in their organization according to 73 percent of respondents. While 68 percent say employees and contractors believe the organization is not monitoring their activities and 67 percent say family members are using work devices.
On top of all that, IT leaders are worried about their jobs, 54 percent of respondents are concerned about their job security, with 63 percent citing insufficient budget to invest in the right technologies as a major factor.
The full report is available from the LogRhythm site.
Photo Credit: Rawpixel.com/Shutterstock