Here’s one reason IT managers may have a hard time convincing senior management to invest in better data security controls:
Those executives overestimate the quality of their organization’s current security.
That’s the message from a recent survey conducted by Gabriel Consulting. Just 22% of the 147 IT pros surveyed think their company’s management truly knows how secure their data is. The majority of respondents said management believes their systems are more secure than they actually are.
That disconnect can cause a number of problems, including making it difficult to get more money for security investments added to the IT budget. Overconfidence can also make it harder for management to deal with data breaches when they occur.
The solution: better communication. Some execs may tend to believe security is only a big issue after something serious happens.
IT managers need to do their part in correcting that idea by keeping management in the loop — in terms they can understand — about what new and ongoing threats the organization faces.