TMCnet News
Centrify Study Finds CEO Disconnect is Weakening CybersecurityCentrify, a leading provider of Zero Trust Security through the power of Next-Gen Access, today announced results of a new research study with Dow Jones Customer Intelligence, "CEO Disconnect is Weakening Cybersecurity," which reveals that a misalignment between CEOs and Technical Officers is weakening enterprise cybersecurity postures. This press release features multimedia. View the full release here: http://www.businesswire.com/news/home/20180221005510/en/ The report highlights that CEOs are incorrectly focused on malware, creating misalignment within the C-suite, which results in undue risk exposure and prevents organizations from effectively stopping breaches. Technical Officers (CIOs, CTOs and CISOs) on the front lines of cybersecurity point to identity breaches - including privileged user identity attacks and default, stolen or weak passwords - as the biggest threat, not malware. As a result, cybersecurity strategies, project priorities, and budget allocations don't always match up with the primary threats nor prepare companies to stop most breaches. The study - a survey of 800 enterprise executives including CEOs, Technical Officers, and CFOs - highlights that:
"While the vast majority of CEOs view themselves as the primary owners of their cybersecurity strategies, this report makes a strong argument that companies need to listen more closely to their Technical Officers," said Tom Kemp, CEO of Centrify. "It's clear that the status quo isn't working. Business leaders need to rethink security with a Zero Trust Security approach that verifies every user, validates their devices, and limits access and privilege." CEOs are Investing in the Wrong Cybersecurity Solutions The study also revealed that CEOs are investing in the wrong areas of cybersecurity. The 2017 Data Breach Investigation Report released by Verizon (News - Alert) indicates that 81 percent of breaches involve weak, default, or stolen passwords. Identity is the primary attack vector, not malware, yet the report reveals that malware is still the focus point for most CEOs:
Poor Communication Between CEOs and Technical Officers Leads to Misalignment The study also exposed that the disconnect between CEOs and Technical Officers leads to misaligned security strategies, and tension among executives.
"The traditional security model of using well-defined perimeters between 'trusted' corporate insiders and 'untrusted outsiders' to protect assets has evolved with the advent of cloud, mobile and IoT. Yet most enterprises continue to prioritize spending on traditional security tools and approaches," said Garrett Bekker, Principal Security Analyst at 451 Research (News - Alert). "Centrify's research reveals that a primary reason for conflicting cybersecurity strategies and spending is that C-level executives and technical managers don't always see eye-to-eye regarding security priorities, and a misaligned C-Suite can put the organization at risk. Modern organizations need to rethink their approach and adopt a framework that relies on verifying identity rather than location as the primary means of controlling access to applications, endpoints and infrastructure." Outdated Thinking Results in Higher Risk CEOs also expressed frustration with security technologies that have a poor user experience and cause their employees to lose productivity.
This outdated perception has been resolved by significant innovation by identity security vendors in areas such as machine learning. These advances have substantially reduced the burden of deploying and managing authentication solutions and improved the user experience for a range of security technologies. To read more about how the security disconnect in the C-Suite is weakening cybersecurity, download the Centrify study here. Post to LinkedIn: Should companies be more concerned with malware or identity breaches? Centrify's new research with Dow Jones Customer Intelligence shows a crucial disconnect: http://bit.ly/2EW91qe Tweet about this: Centrify's new research shows that perceptions about the frequency and impact of #cybersecurity breaches differ sharply between #CEOs and technical offers: http://bit.ly/2EW91qe About Centrify Centrify delivers Zero Trust Security through the power of Next-Gen Access. The Centrify Zero Trust Security model assumes that users inside a network are no more trustworthy than those outside the network. Centrify verifies every user, validates their devices, and limits access and privilege. Centrify also utilizes machine learning to discover risky user behavior and apply conditional access - without impacting user experience. Centrify's Next-Gen Access is the only industry-recognized solution that uniquely converges Identity-as-a Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM). Over 5,000 worldwide organizations, including over half the Fortune 100, trust Centrify to proactively secure their businesses. About Dow Jones Customer Intelligence As part of the Dow Jones Customer Engine, the Dow Jones Customer Intelligence Unit conducts both bespoke and secondary research on behalf of our brands and our client's brands; and through rigorous analysis and our unique perspectives seek to be a trusted source for relevant, timely, and reliable insights. Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Services are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners. View source version on businesswire.com: http://www.businesswire.com/news/home/20180221005510/en/ |