Cloud Security Authors: Liz McMillan, Zakia Bouachraoui, Elizabeth White, Pat Romanski, Yeshim Deniz

Related Topics: Containers Expo Blog, Agile Computing, @CloudExpo, Cloud Security

Containers Expo Blog: Blog Feed Post

The Exec-Disconnect on IT Security

Different chiefs give different security stories

A recent survey shows that there is a wide gap between CEOs and Chief Security Officers when it comes to the origin and seriousness of security threats.  They differ on how they view threats to IT Infrastructure  and remain far apart on how to best address an issue that according to analyst reports, costs organizations more than $30 billion annually.  The survey of 100 CEOs and 100 CISO (or other C-levels with security responsibility), shows that the discrepancy is often due to lack of communication.  36% of CEOs said that they never get a security report from their CISO and only 27% receive updates on a regular basis.  Is it the CISO that doesn’t report back or the CEO that is not interested?  Let’s look at some more data.

The CISO felt that the biggest threat was from internal (their employees) due to lack of education and attention while the CEO felt that the biggest threat was from the outside, such as phishing attacks.   Thus, 61% of CEOs said they did have enough time and resources to adequately train the staff on how to mitigate threats while Only 27% of CISOs felt the same.  It’s opposite day.  When asked if their IT systems were ‘definitely’ or ‘probably’ under attack without their knowledge, 58% of CISOs said yes while only 26% of CEOs agreeing.  The chasm grows.  What percentage of each, do you think, said they were very concerned about their IT systems getting hacked?  30 seconds on the clock, please.  Don’t peek.  Only 15% of CEOs and ‘only’ 62% of CISOs are anxious about breaches.  15%?  That’s it?  Maybe they have great confidence in their security team…or, they don’t have the information.  65% of CEOs admitted to not having the sufficient data needed to interpret how security threats translate to overall business risk.  Wow, the very day-to-day operations.  Granted, the CEO is further removed from the specific threats and how they are handled but there is clearly a distance between how each views threats and the company’s ability to successfully mitigate them.

Lack of interest or lack of understanding/information?  Probably both.  An old adage was that a great boss hired people who were good at the things he/she wasn’t so good at.  Surround yourself with those who know their areas better.  Or maybe there is a culture that you don’t alert the top unless it’s dire, critical or unstoppable.   Communication or interest, it is evident that the C-suite isn’t really talking about these critical business issues especially when three times as many CEOs worried about losing their jobs following an attack than did CISOs.



Technorati Tags: F5, security research, botnet, threat landscape, Pete Silva, security, business, technology, cloud,compliance,regulations, web,internet

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_facebook[1] o_twitter[1] o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

Read the original blog entry...

More Stories By Peter Silva

Peter is an F5 evangelist for security, IoT, mobile and core. His background in theatre brings the slightly theatrical and fairly technical together to cover training, writing, speaking, along with overall product evangelism for F5. He's also produced over 350 videos and recorded over 50 audio whitepapers. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Writer, speaker and Video Host, he's also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others.

IoT & Smart Cities Stories
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
SYS-CON Events announced today that Silicon India has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Published in Silicon Valley, Silicon India magazine is the premiere platform for CIOs to discuss their innovative enterprise solutions and allows IT vendors to learn about new solutions that can help grow their business.
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT staff augmentation services for software technology providers. By providing clients with unparalleled niche technology expertise and industry experience, Chetu has become the premiere long-term, back-end software development partner for start-ups, SMBs, and Fortune 500 companies. Chetu is headquartered in Plantation, Florida, with thirteen offices throughout the U.S. and abroad.
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...