IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

CISOs aren’t leading by example when it comes to cyber security

Cyber security leaders engage in risky online behavior, according to a survey

New research has found that cyber security leaders may not lead by example and fail to obey security measures they ask staff to abide by.

According to a new report by Constella Intelligence, one in four global IT security leaders have used the same password for work and personal use. Of the respondents, 39% say they haven't changed their work email passwords within the last 30 days.

The survey also found that nearly half (45%) of cyber security leaders connect to public Wi-Fi without using a VPN, putting themselves and their entire organizations at risk. Something the FBI regularly warns users not to do.

The survey also found that 48% of CISOs use their work computers to log into social network platforms, and 63% of CISOs were willing to accept connections from unknown LinkedIn users.

The report, titled Cyber Risk in Today's Hyperconnected World, found that most organizations don't monitor social media for threats against their brand.

"More than half of respondents do not have a formal policy, process, or partner to monitor the digital public sphere—including social media, blogs, forums, or other spaces where threats to brands and executives commonly emerge—for threats that can ultimately have a damaging impact on brand and brand reputation," the report's authors said.

Related Resource

Security awareness training strategies for account takeover protection

Why you need an inside-the-perimeter strategy for internal threats

Security awareness training strategies for account takeover protection - whitepaper from MimecastFree download

The survey revealed that 57% had suffered an account takeover (ATO) attack in their personal lives—most frequently through email (52%), followed by LinkedIn (31%) and Facebook (26%).

The research also found that almost three-quarters (74%) of cyber security leaders reported being a phishing or vishing attack's target in the last 90 days. One-third (34%) say they have been targeted in a phishing or vishing attack from someone impersonating their CEO.

"More than ever before, individuals and companies alike need to ensure that a robust and secure environment is in place," said Constella Intelligence CEO Kailash Ambwani.

"Amidst the rise in cyber attacks to organizations, many of which are perpetrated through C-suite impersonations, employee cyber security awareness is now arguably as important as an organization's security infrastructure. And as the professional and personal spheres become increasingly digitally intertwined, both leaders and employees must pay close attention to the role each one of us plays in collective cyber security hygiene."

Featured Resources

AI for customer service

IBM Watson Assistant solves customer problems the first time

View now

Solve cyber resilience challenges with storage solutions

Fundamental capabilities of cyber-resilient IT infrastructure

Free Download

IBM FlashSystem 5000 and 5200 for mid-market enterprises

Manage rapid data growth within limited IT budgets

Free download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Recommended

2022 IBM's Security X-Force cloud threat landscape report
Whitepaper

2022 IBM's Security X-Force cloud threat landscape report

22 Nov 2022
2022 Magic quadrant for Security Information and Event Management (SIEM)
Whitepaper

2022 Magic quadrant for Security Information and Event Management (SIEM)

22 Nov 2022
Seven realities facing SMBs as they enter a future of increased cyber threats
Whitepaper

Seven realities facing SMBs as they enter a future of increased cyber threats

21 Nov 2022
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

14 Nov 2022

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

14 Nov 2022
Windows users now able to run Linux apps and distros natively
Microsoft Windows

Windows users now able to run Linux apps and distros natively

24 Nov 2022