Critical Industries Don’t Grasp IT Risks, Study Shows

May 21, 2012 By The Vigilant Application Owner

Government Computer News – (National) Critical industries don’t grasp IT risks, study shows. A study by cybersecurity researchers at Carnegie Mellon University in Pittsburgh found that top corporate executives too often are disengaged from management of cyber risks to their organizations and that operators of critical infrastructure tend to lag behind the more highly regulated financial services industry in overseeing cybersecurity and privacy protection. The report, “How Boards & Senior – 19 – Executives are Managing Cyber Risks,” found that despite some improvements during the 4 years since the researchers’ first study, there still is a lack of understanding of the importance of IT risks in overall enterprise risk management.