Security Market Segment LS
  • Home
  • Business IT
  • Security
  • 94% of security leaders in Asia Pacific do not report directly to CEOs, new tesearch by LogRhythm reveals
Thursday, 24 June 2021 22:56

94% of security leaders in Asia Pacific do not report directly to CEOs, new tesearch by LogRhythm reveals

By LogRhythm
Joanne Wong, Vice President, International Markets, LogRhythm Joanne Wong, Vice President, International Markets, LogRhythm

IT Security Leaders Are Held Most Responsible For Cyberattacks, Yet Lack the Influence Required to Shore Up Security Strategies

COMPANY NEWS: LogRhythm, the company powering today’s security operations centres (SOCs), today released its latest report, “Security and the C-Suite: Making Security Priorities Business Priorities.” The research, which focuses on the roles and responsibilities of cybersecurity leaders, found that more than half of organisations (55%) in Asia Pacific (APAC) have experienced a cyberattack in the last two years and spend an average of US$17 million each on security activities.

Of these organisations, 43 percent of respondents believe that IT security leaders should be held most accountable for preventing or mitigating the consequence of a cyberattack, compared to the CEO (18%) or both the CEO and IT security leader (22%)..

Security Leaders Shoulder More Responsibility and Risk

Cybersecurity leaders in APAC assume greater accountability and risk for ensuring a strong security posture in the past year (61%), compared with the global average (56%). Specifically, cybersecurity leaders in this region believe that they must contend with risks like phishing and social engineering attacks (61%), ransomware (59%) and device vulnerabilities (58%).

At the same time, while 60 percent of respondents believe that cybersecurity leaders should report directly to the CEO, only six percent of security leaders in APAC actually do. On average, they are three levels away from the CEO, which poses challenges in ensuring that the leadership have an accurate and complete understanding of security risks facing the organisation.

Without securing buy-in from their senior leadership, cybersecurity leaders struggle to establish authority and establish their desired security posture. In fact, only 37 percent of respondents in the region agree that their organisation values and effectively leverages the expertise of their cybersecurity, compared to 43 percent globally. This lack of understanding from senior leadership (52%) and executive support (51%) have subsequently been identified as key factors leading to concerns around job security. 

New Security Pitfalls Stem from the COVID-19 Pandemic

This comes at a time when the Covid-19 pandemic has brought about novel security challenges for cybersecurity leaders. This is especially salient in APAC, with 69 percent of respondents, the highest globally, indicating that their biggest security challenge today is securing the remote workforce.

Across the region, close to 70 percent of organisations have more than a quarter of their employees and contractors working remotely. This poses new threats and increases the risk to their sensitive data, with respondents attributing this to:

  • Employees using less secure home networks (71%)
  • Family members being allowed to use the work device (65%)
  • Security protocols not being followed closely (63%)

The Need to Make Security Priorities Business Priorities

The research also revealed that even amid the rising threat of cyberattacks, only 29 percent of cybersecurity leaders in the region report to the board of directors to brief them on cybersecurity risks. Furthermore,  only 43 percent of them do so reactively after a security incident occurs. 76 percent of organisations also do not have a board-level committee dedicated to cybersecurity threats and issues facing the organisation. 

“In today’s fast-evolving cyber threatscape, security leaders are assuming more responsibility and bearing more risks. However, without organisational visibility and a direct line of contact with their CEO and board of directors, they lack the influence to implement a holistic and mature security program,” said Joanne Wong, Vice President, International Markets, LogRhythm. “It is crucial that organisations recognise the need to adopt cybersecurity priorities as a central plank in their business strategy, and empower their cybersecurity leaders and team with the support and resources they need to safeguard their business effectively.”

The study was conducted in conjunction with Ponemon Institute, and featured 1,426 global respondents, including chief information, technology and security executives. Respondents were located in APAC, EMEA and the United States.

For more information, you may download the full report here, Security and the C-Suite: Making Security Priorities Business Priorities.

About LogRhythm

LogRhythm’s award-winningNextGen SIEM Platformmakes the world safer by protecting organisations, employees, and customers from the latest cyberthreats. It does this by providing a comprehensive platform with the latest security functionality, including security analytics; network detection and response (NDR); user and entity behaviour analytics (UEBA); and security orchestration, automation, and response (SOAR). Learn how LogRhythm empowers companies to be security first at logrhythm.com.

Read 1799 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




EXL AI IN ACTION VIRTUAL EVENT 20 MARCH 2025

Industry leaders are looking to transform their businesses and achieve measurable outcomes with AI.

As organisations across APAC navigate the complexities of AI adoption, this must-attend event brings together industry leaders, real-world demonstrations, and visionary panel discussions to bridge the gap between proof-of-concepts and enterprise-wide AI implementation.

Learn how to overcome common challenges in deploying AI at scale.​

Unlock cost savings, efficiency, and better customer experiences with AI.

Discover how industry expertise and data intelligence enable practical AI deployment.

Register for the event now!

REGISTER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Security
Tagged under

Related items

More in this category: « Intalock is Varonis’ first Certified Delivery Partner Ping Identity puts users in control of their identity with new personal identity solution »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown: img0

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments