S&P 500 companies find gaps in their cybersecurity leadership

two people sitting on bench looking at tablet

Image via Unsplash

A report found that S&P 500 organizations have gaps in their cybersecurity leadership when it comes to risk mitigation. The study found that 57% of companies in the S&P 500 lack specialized experience in non-cyber technology categories.

Twelve percent of S&P 500 companies have specialized cybersecurity expertise among their directors, such as a chief information security officer (CISO), former chief executive officer (CEO), or former chief information officer (CIO) of a cyber company on their boards. Seven percent had a current or former CISO on their boards.

An additional 31% of S&P 500 companies have some level of technology expertise on their boards. These individuals might be informed on cybersecurity and technology issues but have less direct cybersecurity experience than those in the highest tier.

Fifty-two percent in the S&P 500 had directors with a more limited connection to the world of cybersecurity, such as a board member who serves as a director for an IT vendor or someone who may have experience in the industry in a role outside the C-Suite.

Read the full report here.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.