Risk Awareness: What Do CEOs Need to Know?
Duquesne University Studies Management's Influence on Security
"That study basically showed that there was marginal effort being placed by small-to-medium-sized businesses, largely because the CEOs felt they were too small a target to be hacked or attacked," says Kenneth Saban, associate professor of marketing at Duquesne University. This result begged the question: Exactly how much influence does senior management's attitude have on an organization's information security policies and practices?
Two key findings from this new study:
- Security preparedness varies across industry, with financial services leading the way;
- Security commitment is influenced by several factors, and awareness is a key one of them.
"Based on heightened awareness, executives are more inclined to support the investments not just in technology, but the ongoing training and education - [recognizing] this is not just a one-time effort, it's an affair."
In an interview about this new research, Saban discusses:
- How do the five industrial sectors differ in security awareness and engagement level?
- What needs to happen to improve information security awareness among senior leaders?
- What's at risk if awareness doesn't improve?
With over 25 years of corporate experience, Dr. Saban brings a wealth of expertise to his students and clients alike. He has first-hand experience working for such Fortune 500 corporations as AT&T, Borden's, Computer Sciences, Midland-Ross, Pass & Seymour/LeGrand, Robbins & Meyers, Vickers and Westinghouse Electric. Over the last several years, Dr. Saban has published several papers, conducted numerous workshops, and received several grants from the Department of Justice to explore the "security preparedness of Small and Medium Enterprises."