IT departments should no longer bear the brunt of dealing with the fallout from large scale cyber-attacks – CEOs should be the ones held accountable when significant data breaches occur at their companies.
That's the opinion of nearly a third (29%) of IT decision makers and office workers in the UK, as per VMware's latest survey.
The study, which saw 500 UK office workers and 250 IT decision makers quizzed, shows just why an organisation's cyber-security strategy must be consistent from the board level down, with 24% of respondents expecting to fall victim to an attack within the next 90 days.
Traditionally, the fall-out from a cyber-attack has lied solely in the remit of the IT team, but many IT decision makers believe it is now time for CEOs to shoulder responsibility.
When asked who should be most aware of the necessary actions to take following a significant data breach, 38% of office workers and 22% of IT decision makers said the board, whilst over half (53%) of office workers and 40% of IT decision makers believe it should be the CEO.
However, previous research sponsored by VMware and conducted by the Economist Intelligence Unit from earlier this year revealed that just 5% of UK corporate leaders consider cyber security a priority for their business.
That makes for concerning reading, given that 39% of IT decision makers in the UK believe one of the greatest vulnerabilities to their organisation is that threats are moving faster than their defences.
Commenting on the findings, Joe Baguley, CTO, VMware, EMEA, said: "The issue around accountability is symptomatic of the underlying challenge faced as organisations seek to push boundaries, transform and differentiate, as well as secure the business against ever-changing threats."
He added that today's successful organisations are those that have "moved beyond the traditional IT security approach which may not protect the digital businesses of today".