The Great Divide: Cyber Security in the Corporate Boardroom

The Economist Intelligence Unit logo
Not a day seems to go by without news about a new data breach or some other threat to a company’s cyber security. Given the potential harm and collateral damage to a company’s reputation, it would seem almost intuitive that a company’s cyber security strategy would be one corporate initiative around which everyone would agree. But surprisingly, a new global study by The Economist Intelligence Unit (EIU), sponsored by VMware, concludes exactly the opposite.

Conducted over the first two months of 2016, the study surveyed 1,100 senior executives, recruited from companies between $500 million and $5 billion in revenues, on data security practices within their firms. The survey consisted of C-suite executives, such as CEOs, CFOs, and COOs; and security executives, such as CIOs, Chief Data Officers or Chief Information Security Officers. The survey’s principal objective was to analyze the differences, if any, between the security team and non-security team senior executives on data security. The results reveal an interesting disconnect between the two sets of corporate leaders: a Great Divide in attitudes that extends from differing perceptions of the imminent danger of cyber threats to budget priorities.

A Fundamental Difference in Corporate Priorities

Perhaps the most surprising finding was the opposing view of the perceived importance of cyber security as a high-priority initiative. Only five percent of non-security C-suite executives surveyed considered cyber security their highest priority initiative—a ranking that placed it next to last on a list of major corporate initiatives for 2016. On the other side of the board room, the security team executives overwhelmingly listed cyber security as their highest priority moving forward into 2016.

Over the coming weeks, VMware will take a deeper dive into this survey in a series of articles that will look at the results, explore the surprising gap in attitudes among the two different groups of corporate leaders, and consider what this great divide might mean for the future of cyber security. How did this divide come to be? What can, or should, both groups do to bring their views into alignment? Stay tuned as VMware looks at these and related issues in the weeks ahead.

For further reading now, take a look at the EIU cyber security briefing report, and read VMware CTO Chris Wolf’s perspective on networking and security.