Skip to main content

UK’s largest businesses failing to understand the language of cybersecurity at board level

22 November 2022

Kaspersky research published today reveals that while the C-Suite considers the threat of cybersecurity attacks to be a greater risk to their businesses than the worsening economic environment, it is unable to prioritise action due to the jargon and confusing terminology used to describe threats

More than half of UK-based C-Suite executives surveyed (57%) believe the biggest risk facing their businesses are cybersecurity attacks, ahead of economic factors (30%), industrial action (29%) and natural disasters (26%). However a further 48% of British C-level security specialists stated that the language being used to describe these threats is the biggest barrier to their management team’s understanding of the most pressing cybersecurity issues

Kaspersky research into the language barriers that exist in cybersecurity finds that 48% of UK-based C-level security, compliance, and risk specialists believe that jargon and confusing industry terms are currently presenting the greatest hurdle to the C-Suite’s understanding of cybersecurity and, most importantly, what they should do about it.

What’s a… Malware?

To illustrate this point more vividly, 46% of all those surveyed stated that they found basic cybersecurity terms Malware and Supply Chain attacks to be confusing. Slightly more technical language used such as ‘Zero Day Exploits’ and ‘Suricata rules’ saw similar levels of confusion with respectively 45% and 48% of respondents claiming to not fully understand these terms.  

“Acronyms, jargon, and idioms act as shorthand for those in the know, but often seem confusing for anyone without direct experience of working in cybersecurity. Our findings suggest that the inability from senior management within large organisations to truly understand the nature of the threats they’re constantly exposed to, means they are often not considered a boardroom priority,” explained Stuart Peters, GM, UK and Ireland at Kaspersky. “In other words, this paints a picture of high-powered C-Suite executives having to make timely, critical business decisions without a clear picture of their own unique threat landscape and the risk it poses to their organisation, preventing them to develop a culture of cybersecurity based on best-practices, knowledge-sharing, and ultimately actionable intelligence.”

No room for cybersecurity in the boardroom agenda

Nearly all (99%) C-Suite respondents are now aware of how often their businesses are being attacked by threat actors. Despite this awareness, 1 in 3 (33%) respondents stated that cybersecurity was only sometimes an agenda item during board meetings, compared with 61% saying that cybersecurity was always an agenda item. 

The findings also suggest that the bigger the organisation, the greater the potential disconnect with overall cybersecurity awareness, nearly 1 in 5 (22%) C-Suite respondents in companies with 5000+ employees stating that cybersecurity is rarely an agenda item for their management or board meetings, compared to just under 2% of C-Suite in companies between 1000-1999 or 2000-2999 employees.

Methodology

Kaspersky ‘Separated by a common language: is the C-Suite able to truly decipher and act upon the real threat of cyberattacks?’ follows a total of 1,800 interviews with C-level decision-makers in large enterprises of 1,000 or more employees across 13 countries in Europe. The research saw respondents asked about cybersecurity within their organization, the measures taken to protect themselves, and the barriers they face as a management team. 

To download a copy of the report, please visit: https://go.kaspersky.com/ti-separated-by-a-common-language.html

UK’s largest businesses failing to understand the language of cybersecurity at board level

Kaspersky research published today reveals that while the C-Suite considers the threat of cybersecurity attacks to be a greater risk to their businesses than the worsening economic environment, it is unable to prioritise action due to the jargon and confusing terminology used to describe threats
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases