78% of the 1,000 respondents to the Global Megatrends in Cybersecurity 2015 survey say their organization’s board hasn’t been briefed about its cybersecurity strategy within the past year, while two-thirds say top executives haven’t made information security a priority. What? How in the world can over 75% of these organizations represented in the survey allow their boards to continue to operate in the dark about cybersecurity? Astonishing. There are a plethora of organizations from around the globe who have experienced some form of a cybersecurity event some of which cost hundreds of millions of dollars in various damages. Boards and senior management have to be taught to understand that cybersecurity is not just something that IT will take care of and need to realize very quickly that every organization is a target regardless of its size or industry. It simply does not matter if you are a retailer or not and every organization will eventually experience some form of a cybersecurity attack and that it is paramount every organization have an appropriate incident response plan in place that is tested much like with BCP/DR. Otherwise, your organization could someday experience the pain, suffering, financial damages and reputational harm as so many other organizations have learned the hard way.
