The study, conducted on behalf of Palo Alto Networks by Censuswide, surveyed a total of 2500 CEOs from the UK, Germany, France, Brazil and the UAE.
Despite the significant growth in the number of cyberattacks, including ransomware, the level of understanding of cybersecurity risks among UK CEOs is lower than their counterparts in the other markets. Only 16% of UK CEOs surveyed feel that they have a complete understanding of the cyber risks facing their organisation, compared to 21% in Brazil, 21% in the UAE, 22% in France, and 39% in Germany.
While the number and type of cyber attack continues to increase rapidly, the findings suggest that CEOs feel detached from responsibility for cybersecurity. One in five UK CEOs (21%) surveyed say that the CIO is wholly responsible for cybersecurity, while 24% acknowledge that they are partly responsible, but see it as mostly the CIOs job.
When it comes to being prepared for a cyberattack, more than three-quarters of respondents (78%) say that they are confident that they have complete and tested plans and systems for threat protection and recoverability, and 74% say that they are confident the organisation is resourced to adapt to changing threats and vulnerabilities.
However, when asked about their preparedness for a ransomware attack, only 36% say that they have an agreed plan to work with incident response experts to recover data and systems, with over a third (34%) saying that they would pay the ransom to release systems and return the data if hit by a ransomware attack.
UK CEOs surveyed are also amongst the least confident when it comes to managing cybersecurity risks across their supply chain and other third parties that they work with. More CEOs in Germany (39%), France (42%) and Brazil (45%) are very confident in their ability to manage supply chain risks than those in the UK (32%).
Commenting on the findings of the survey, Gavin Mee, Vice President, EMEA West & North at Palo Alto Networks, said, “This study highlights escalating concern over cyber risks among CEOs and shines a light on the need for increased dialogue and education about cybersecurity at all levels of an organisation. As the digitalisation of industries expands the attack surface, cybercriminals are becoming more sophisticated, innovative, and persistent, so our goal at Palo Alto Networks is to safeguard the growth of the UK economy and its companies with the very best cybersecurity platforms and services”.