EXECUTIVE SUMMARY:

More and more published reports are spotlighting a thorny issue in the world of cybersecurity: Leadership is not equipped to deal with cybersecurity in today’s world. The threats come via a vast array of vectors, and the methods are increasingly sophisticated. Add that complexity to a well documented cybersecurity talent shortage and c-levels’ apparent misunderstanding of the true risk of cyberattacks and you have a near-perfect storm. With those conditions in play, it’s no wonder that MIT Sloan Executive Education program is introducing a new course called Cybersecurity Leadership for Non-Technical Executives.

As the Check Point Cyber Security Field Guide for Executives reports, a recent Frost & Sullivan study found that, “one-third of executives from major businesses don’t see the value of data security. Worse, those same leaders work at companies that had suffered data breaches and were aware of the significant impact to the company’s bottom line.”

In addition, the ISACA/CMMI Institute reports that only 5 percent of employees think their organization’s cybersecurity culture is sufficient to protect against internal and external threats. Not only that, 9 out of 10 enterprises report a discrepancy between the cybersecurity culture they want and the one they have. And, almost half of the organizations do not have a plan in place to effectively manage the cybersecurity culture.

Stuart Madnick, who will lead the new MIT Sloan Executive Education program, believes it’s critical that organizations focus on culture. More specifically, there’s an urgent need for a holistic and multi-disciplined approach. Quoting Madnick, MIT News writes, “An analogy that I often use is this: You can get a stronger lock for your door, but if you are still leaving the key under your mat, are you really any more secure?”

Madnick’s program will focus on frameworks and best practices for managing cybersecurity-related risk.

Get the full story at MIT News.