{"id":43768,"date":"2022-03-01T08:39:00","date_gmt":"2022-03-01T13:39:00","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?post_type=emagazine&#038;p=43768"},"modified":"2022-07-27T07:12:35","modified_gmt":"2022-07-27T11:12:35","slug":"cybersecurity-csuite-close-research","status":"publish","type":"emagazine","link":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/cybersecurity-csuite-close-research\/43768\/","title":{"rendered":"How to bring the C-suite and cybersecurity team close"},"content":{"rendered":"<p>With cyberattacks growing more frequent and ever more complex, company leaders can no longer leave corporate security to the IT team. The C-suite (senior leadership) must get in the loop.<\/p>\n<p>Global professional services giant Accenture found <a href=\"https:\/\/www.accenture.com\/gb-en\/insights\/security\/invest-cyber-resilience\" target=\"_blank\" rel=\"noopener nofollow\">cyberattacks were up by 31 percent globally in 2021<\/a>. Protecting against attacks must be a priority for leaders.<\/p>\n<p>In partnership with Longitude, a Financial Times company, Kaspersky surveyed 750 leaders at enterprises around the world about their approach to cybersecurity. The research found that when companies have strong links between their C-suites and cybersecurity teams, they report being better prepared for attacks.<\/p>\n<blockquote><p>A quarter (26 percent) of respondents said strong integration of the C-suite and cybersecurity teams will be very important over the next two years. This small group, named the Integration Leaders, is better prepared to deal with a range of cyberattacks.<\/p>\n<\/blockquote>\n<p>For example, 64 percent say they could deal comfortably with a cybersecurity threat created accidentally through employee error, compared to 47 percent of the rest of respondents.<\/p>\n<h2>Two ways to ensure C-suite integration<\/h2>\n<h3>1. Share perspectives at the top<\/h3>\n<p>Evgeniya Naumova, Executive Vice President of Corporate Business at Kaspersky, believes the increased security risks with remote work have captured leaders\u2019 attention since the pandemic began. They realized employees were more likely to be exposed to threats outside the office environment.<\/p>\n\t\t\t<div class=\"c-promo-product\">\n\t\t\t\t\t\t<article class=\"c-card c-card--link c-card--medium@sm c-card--aside-hor@lg\">\n\t\t\t\t<div class=\"c-card__body  \">\n\t\t\t\t\t<header class=\"c-card__header\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<h3 class=\"c-card__title \"><span>Superior cybersecurity<\/span><\/h3>\n\t\t\t\t\t\t\t\t\t\t\t<\/header>\n\t\t\t\t\t\t\t\t\t\t\t<div class=\"c-card__desc \">\n\t\t\t\t\t\t\t<p>New research from Kaspersky in partnership with the Financial Times Commercial department shows that diversity, collaboration and training can help protect enterprise from major cyber threats.<\/p>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<div class=\"c-card__aside\">\n\t\t\t\t\t<a href=\"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/research-towards-superior-cybersecurity\/\" class=\"c-button c-card__link\" target=\"_blank\" rel=\"noopener nofollow\">See research<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/article>\n\t\t<\/div>\n\t\n<p>This, coupled with recent rises in cybercrime, has opened leaders\u2019 eyes to the threats they face. \u201cThere was a switch \u2014 a really obvious switch \u2014 in their minds,\u201d Naumova says. \u201cThey understood that it\u2019s not just something to observe from afar \u2014 it needs to be top of their minds. Companies that did not have a chief information security officer (CISO) or tech expert on their boards of directors were promoting roles because now they understood they could lose their business in one day to an attack.\u201d<\/p>\n<p>By drawing on the experience and insights of the wider leadership team, CISOs and chief information officers (CIOs) can gain a broader perspective that could create more effective, 360-degree protection for the business.<\/p>\n<p>Graeme Watt, CEO of UK IT giant Softcat, says responsibility for risk ultimately rests with the CEO \u2013 but he acts based on his CIO\u2019s input. \u201cI have a CIO who reports directly to me, and the information security team sits under them,\u201d Watt says. \u201cI am the person the board looks to on cyber risks, but I don\u2019t do all the reporting myself. I bring the CIO into the board meeting when we\u2019re talking about cybersecurity threats.\u201d<\/p>\n<h3>2. Ensure effective cybersecurity training and collaboration<\/h3>\n<p>Integration between C-suite and cybersecurity teams starts with building a deeper understanding of the issues at hand. This can be achieved with the right training for senior leadership.<\/p>\n<p>\u201cTraining for the C-suite has an additional goal of advocacy \u2013 turning managers into leaders of an organization\u2019s cyber-awareness culture,\u201d says Kaspersky\u2019s Naumova. \u201c<a href=\"https:\/\/www.kaspersky.com\/enterprise-security\/security-awareness\" target=\"_blank\" rel=\"noopener nofollow\">Training using gamification and simulations of real attacks<\/a> are particularly useful. First, they are more engaging, and second, they allow the C-suite to observe the results of their decisions instantly.\u201d<\/p>\n<p>Ricardo Lafosse, CISO at multinational food company Kraft Heinz, says the company promotes a culture of constant collaboration and communication between its cybersecurity team and wider leadership.<\/p>\n<blockquote><p>We report to the board on the cybersecurity landscape, our control sets and any gaps. They truly understand the impact of cybersecurity on the organization.<\/p>\n<cite><p>Ricardo Lafosse, CISO, Kraft Heinz<\/p><\/cite><\/blockquote>\n<p>Lafosse continues, \u201cA great example is marketing. From a privacy and cybersecurity perspective, we have a very close collaboration on how we manage data before we launch a marketing campaign. That shows the importance of cybersecurity as a business enabler.\u201d<\/p>\n<p>A welcome side-effect of promoting the importance of cybersecurity across the business is that employees at every level of the team feel more valued by the company. This is likely to improve retention rates \u2013 an important consideration, given the research found that one-third (34 percent) of company leaders believe the cybersecurity skills shortage will become critical in the next two years.<\/p>\n<h2>C-suite integration is consistent across the world<\/h2>\n<p>The research shows attitudes to greater alliances between cybersecurity teams and the C-suite are consistent globally. The most positive is Latin America, where half of enterprises (51 percent) say closer integration between the C-suite and cybersecurity teams will be very important in the next two years. The lowest is in North America, at 42 percent.<\/p>\n<p>This is encouraging for enterprises with a multinational presence, as it\u2019s important they embed and maintain their culture consistently across global operations.<\/p>\n<p>Kraft Heinz\u2019s Lafosse says C-suite integration at his company is part of a broader positive and proactive cybersecurity approach. \u201cCulturally, the organization respects and responds to cybersecurity events, and we champion great people in the team,\u201d he says. \u201cThe whole company also understands how reliant we are on cybersecurity.\u201d<\/p>\n<p>There are clear advantages in building strong links between senior leadership and cybersecurity teams. Any company seeking protection against ever-sophisticated cyber threats should nurture and value this relationship.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Organizations with strong links between senior leadership and their cybersecurity teams feel better prepared for a cyberattack. Here\u2019s how to make those links.<\/p>\n","protected":false},"author":2521,"featured_media":43769,"template":"","coauthors":[3452],"class_list":{"0":"post-43768","1":"emagazine","2":"type-emagazine","3":"status-publish","4":"has-post-thumbnail","6":"emagazine-category-enterprise-cybersecurity","7":"emagazine-category-leadership","8":"emagazine-tag-c-suite","9":"emagazine-tag-it-teams"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/cybersecurity-csuite-close-research\/43768\/"}],"acf":[],"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine\/43768","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/emagazine"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2521"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/43769"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=43768"}],"wp:term":[{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/coauthors?post=43768"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}