top of page

C-suite concerned over cybersecurity breach costs


For UK senior executives who admit their organisations have suffered at least one significant cybersecurity breach within the past two years, the associated costs of a breach are considered the most important consequence.  This is according to a new study by Centrify (, a leading provider of Zero Trust Security through the power of Next-Gen Access, commissioned through Dow Jones Customer Intelligence.


The study of 800 senior level executives, including CEOs, Technical Officers and CFOs in the UK and US, also indicates that there is confusion among the C-suite about what constitutes a cybersecurity risk and what needs to be done to prevent it. In the UK, malware is seen as the biggest threat to an organisation’s success among 44% of respondents, compared to just 24% who point to default/weak or stolen passwords and 29% who blame privileged user identity attacks.  However, of those organisations that experienced at least one significant security breach in the past two years, just 11% admit it was due to malware, while almost twice as many put it down to either a privileged user identity attack or the result of stolen or weak passwords (both 21%).


Barry Scott, CTO EMEA at Centrify, explains: “It’s no surprise that the C-suite often points to malware as the biggest threat. Sensational headlines about major attacks could be to blame, which companies see and react to, often mistakenly, when in fact identity-related attacks – such as stolen or weak passwords, and attacks on privileged users within organisations – are the primary threat to cybersecurity today.


“What’s worrying is that they then look to invest money in protecting against malware, when in fact they should be focusing on the increase in identity-related attacks. Business leaders need to rethink their strategy with a Zero Trust Security approach that verifies every user and every device, and provides just enough access and privilege.”


A Centrify white paper accompanying the research points to a disconnect between CEOs and their technical peers (CTOs/CIOs/CISOs) in both countries when it comes to the most important cyber risks threatening an organisation, which could leave them vulnerable to breaches. View the full study at

bottom of page