• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Compliance, Network Security, News

Ransomware Survey: IT Needs To Better Communicate Threats To C-Suite

A (ISC)² survey sheds light on the communication gaps between IT and security professionals and executives on ransomware threats.

January 7, 2022 Zachary Comeau Leave a Comment

Thanks to a year in which ransomware attacks wreaked havoc on corporate networks, IT and cybersecurity professionals have an opportunity to provide more detailed updates and actionable intelligence to corporate leaders, according to a recent survey from (ISC)².

The information security nonprofit membership association’s survey of 750 C-level executives across the U.S. and U.K. show that confidence among IT security professionals is high when it comes to ransomware defense, and there remains a strong willingness to invest in technology and staff.

According to the survey results, 71% of respondents say they are confident in their ability to handle a ransomware attack, which is up from 69%. Only 15% reported a lack of confidence.

The survey also suggests that IT and security professionals need to do a better job relaying cybersecurity and ransomware concerns to executives, as just 55% of executives describe themselves as “very aware,” and 40% say they are “somewhat aware.”

Nearly 60% of executives say the communications they receive from their dedicated security professionals are “excellent or good,” and about one in five say those communications are either “poor or very poor.”

However, that communication appears to be increasing after what many experts say was the worst year ever for ransomware attacks, as the percentage of those that rate communication “excellent or good” increased by 5%.

When asked about the critical information they need from IT when it comes to ransomware, 38% cited ensuring backup and restoration plans are not impacted, 33% cited how operations can be restored in the event of an attack, and 32% said how prepared the organization is to engage with law enforcement.

Read Next: Your Guide to Implementing a Zero Trust Network Architecture

When a ransomware attack actually happens, the top concern among business leaders is exposure to regulatory standards (38%). Next is the loss of data or intellectual property (34%), followed equally by loss of confidence among employees, loss of business, uncertainty that data could still be compromised after paying a ransom and reputational harm (31% each).

Based on these survey results, (ISC)² has five tips for IT and cybersecurity to consider when communicating with executives about ransomware threats:

Increase communication and reporting to leadership

According to the survey, leadership wants and needs more communication about the ransomware threats facing their organization, including more detailed reporting to ensure that leaders fully understand the threat landscape. That could better inform leadership’s decisions about security investments.

Temper overconfidence as needed

A good rule of thumb in cybersecurity is to never be overly confident in your ability to defend against ransomware attacks. The survey indicated that leaders are growing more confident in their ability to do so, but security professionals need to paint a realistic picture of the threat landscape to their C-suite.

Tailor your message

Communicating these security concerns to leaders can sometimes be challenging, so that message must be tailored to the unique business environment or industry in which the organization operates. Focus on the top areas of concern and communicate that risk to leaders in a way that aligns with their concerns.

Make the case for new staff and investments

When it’s clear that the C-suite has a more thorough understanding of the threat landscape, now is the time to make the case for more IT and security staff and other investments, including technology, third-party services and more.

Employ everyone in the organization

While the security of the organization is largely the job of IT and security professionals, leadership, end users and anyone else using corporate systems bear some of the responsibility for defending against ransomware.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Communication, Cybersecurity, ransomware

Related Content:

  • Cloud, SASE, Aryaka How the Cloud is Redefining Media Production and…
  • Singlewire Software mass notification interview Singlewire Software on Mass Notification Solutions
  • URI catchbox 1 Catchbox Plus: The Mic Solution That Finally Gave…
  • Engaging virtual meeting with diverse participants discussing creative ideas in a bright office space during daylight hours Diversified Survey: Workplace AV Tech is Falling Short,…

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.