Source - Trouble at the top: The boardroom battle for cyber supremacy from Nominet Cybersecurity dated 3rd June 2019
The above report by Nominet Cybersecurity were based on results from a research which surveyed more than 400 C-suite executives from enterprises across the UK and USA, each overseeing businesses with over 8,000 employees.
The survey results also highlighted concerns raised by these C-suites in the areas where there is a lack of advanced technology, reluctance to accept advice, lack of budget, lack of people, who is ultimately responsible for responding to data breach, confusion in terms of collaboration to resolve the issue, BOD's indifference to the security team, or even sees it as an inconvenience and confusion over the roles of each member and party in the workplace subsequent to a breach.
Sad to note that the above issues are not only confined to organisations across the UK and USA but the same is also prevalent and happening in organisations in Malaysia. Arising from the fear of getting terminated, IT heads or CTO or CIO in organisations in Malaysia generally tend to 'hide' or downplay and not highlighting potential cyber risks in the organisations to their CEO or BOD.
In any organisation in Malaysia or maybe across the world, the following few pictograms is an actual reflection of how an organisation behave when a breach is discovered: