04 May 2017
New LBS survey suggests executives willing to gamble on cybersecurity
Despite growing concerns over cybersecurity threats, a new survey suggests executives are willing to gamble potential risk. According to a poll of London Business School US alumni, EMBA-Global executives, and Executive Education past participants, 40 percent of C-Suite executives believe their company has sufficient cybersecurity resources, yet 93 percent believe they are still vulnerable to an attack.
Still, 34 percent of executives claim they are “unsure” of their cybersecurity investments in 2017 – highlighting the wider uncertainty experienced by businesses. Julian Birkinshaw, Professor of Strategy and Entrepreneurship, London Business School, says: “Despite expressing their concern, these leaders need to be certain of the measures being taken at their own firms or which attacks are most likely to occur – a big risk that jeopardises an entire organisation.”
Nuno Sebastiao, London Business School Executive MBA (graduated 2009) and CEO of the AI firm Feedzai, suggests an explanation for the response. “Executives are saying they’re vulnerable and protected at the same time because the threat we’re up against is evolving so quickly,” he explains. “You might think it’s a paradox, but in fact, it’s totally understandable. This is a game of cat and mouse, and the adversary is getting smarter while the cycle times are getting shorter.”
The findings also suggest that executives rely heavily on the US government to play a larger role in mitigating threats – 76 percent think the government fails to protect businesses from cybersecurity threats and incursions. Birkinshaw explains, “Instead of externalising the problem, executives must play an active role in creating and implementing a cybersecurity strategy across the entire organisation.”
Sebastiao agrees and stresses the importance of proper cybersecurity investments. “It’s not just a matter of protecting more and more data,” he explains. “Boundaries separating private and public networks are becoming more porous, and policies like ‘Bring Your Own Device’ (BYOD) are accelerating this change. Our adversaries are professional criminals, well-funded, organised, and busy turning data into money using machine-based attacks. It's not realistic that human intelligence alone will protect company data. More companies are turning to machine learning and artificial intelligence as another solution for this new world order.”