Even among the Fortune 500, few companies take cybersecurity seriously enough to dedicate resources to it, including appointing a chief information security officer (CISO), a new study from security broker and mobile security company Bitglass reveals.
Companies make 2019’s Fortune 500 based primarily on one metric -- their total revenue. It stands to reason that some of that revenue would be directed towards cybersecurity. The study from Bitglass revealed the opposite, highlighting a troubling trend.
The study looked at publicly available data from the companies’ websites, among other sources. The first piece of data that reveals that 77% of Fortune 500 companies don’t even list a person in charge of online security.
“Corporate social responsibility initiatives have made it on to the websites of the Fortune 500, but research has shown that the same level of importance is not being given to publicly demonstrating commitment to cybersecurity initiatives,” explained Anurag Kahol, chief technology officer of Bitglass.
The research also showed that 38% of the 2019 Fortune 500 companies have no chief information security officer (CISO). And, among the 62% that do have a CISO, only 4% list them on their official websites.
The study also shows transport industry is the industry most preoccupied with cybersecurity, followed closely by the aerospace industry. The bottom of the list belongs to hospitality companies, which don’t list executives responsible for cybersecurity at all.
Despite worrying reports regarding data breaches and the problems that such an event would cause, 52% of Fortune 500 companies don’t indicate how, or even if, they are protecting customer data, beyond their legal requirements.