1 in 10 C-level execs in SEA unfamiliar with basic cybersecurity terms, says Kaspersky

High-ranking executives meeting with IT security and business functions personnel. (Photo courtesy of Kaspersky)

High-ranking executives meeting with IT security and business functions personnel. (Photo courtesy of Kaspersky)

MANILA, Philippines — Did you know that one out of ten high-ranking Southeast Asia (SEA) executives struggles to understand basic cybersecurity terms?

Based on a recent study conducted by e-security firm Kaspersky, some high-ranking executives in SEA sometimes find it difficult to comprehend their IT (Information Technology) security peers.

It added that some have never heard of cyber threats-related terms and concepts such as Botnet, APT (advanced persistent threat), Zero-Day exploit, DevSecOps (development, security, and operations), ZeroTrust, SOC (security operations center), and pentesting.

Kaspersky revealed the reason why non-IT executives prefer not to disclose this gap is either they want to figure out the meaning of these terms by themselves, they do not believe their IT colleagues will be able to explain it clearly, or do not want to show their tech peers that they have little knowledge about it.

The Kaspersky poll showed that 26 percent of non-IT executives said they are uncomfortable flagging cybersecurity terms they do not understand during a meeting with IT colleagues; 55 percent believe IT personnel will be unable to explain these terms clearly; and 42 percent prefer to hide ignorance in front of their IT colleagues.

“Non-IT top management does not have to be experts in complex cybersecurity terminology and concepts, and IT security executives should keep this in mind when communicating with the board,” Kaspersky Solution Architect Sergey Zhuykov said in a statement.

“To establish efficient cooperation, CISO (chief information security officer) should be able to focus C-level attention precisely on meaningful details and clearly explain what exactly the company is doing to minimize cybersecurity risks. In addition to communicating clear metrics to stakeholders, this approach requires offering solutions instead of problems,” Zhuykov added.

To ease the gap between executives and IT security and business functions personnel, below are five tips from the e-security firm:

RELATED STORIES:

SMEs seen willing to spend 17% more to boost cybersecurity

PH social media craze: 77% of Filipinos more engaging online than in real life

Read more...