Although they are responsible for preventing cyber attacks, IT security leaders are all but ignored in the organization they are working for, says a new study by LogRhythm.
“They are not seen as influential or valued members of their peer group,” the report noted, adding that it found less than 8% of security leaders reporting to the CEO.
Around 60% of organizations have experienced a cyber attack in the last two years, stated LogRhythm in a press release, predicting that the security risks would multiply in the years to come because of remote-working and hybrid offices.
In the survey, barely 37% of respondents said their organization values and effectively leverages the expertise of the cybersecurity leader.
“While security leaders are assuming more responsibility than ever before, they lack the necessary organizational visibility and influence to effectively build and mature their security programs,” said James Carder, chief security officer of LogRhythm.
“Comprehensive cybersecurity programs are integral to the success of an organization. This research should spur CEOs to take accountability for safeguarding their organization’s sensitive information, prioritize the security program by elevating the security leader, and ensure inroads between security decision-makers, the C-suite, and the board.”
For the study, the company surveyed 1,426 IT security leaders around the world.