A report found that S&P 500 organizations have gaps in their cybersecurity leadership when it comes to risk mitigation. The study found that 57% of companies in the S&P 500 lack specialized experience in non-cyber technology categories.
Twelve percent of S&P 500 companies have specialized cybersecurity expertise among their directors, such as a chief information security officer (CISO), former chief executive officer (CEO), or former chief information officer (CIO) of a cyber company on their boards. Seven percent had a current or former CISO on their boards.