A recent report by Ivanti has uncovered a striking revelation in the cybersecurity landscape, nearly half (49%) of C-level executives have requested bypassing one or more security measures over the past year. This statistic underscores a significant disconnect between the rhetoric of business leaders concerning cybersecurity and their actual actions.
While 96% of these leaders claim to be moderately supportive and invested in their organization’s cybersecurity, many resort to workarounds and executive exceptions, which may heighten cyber risks.
Notably, executives are twice as likely to report awkward or embarrassing interactions with IT security and four times more likely to seek external, unapproved tech support, suggesting the need for greater awareness and alignment with cybersecurity mandates within organizations.
Ivanti’s Chief Security Officer, Daniel Spicer, raised concerns that senior leaders might be underestimating their attractiveness as targets for threat actors. As workplaces continue to evolve into digital-first environments, the challenge for security leaders lies in securing organizational buy-in and compliance on cybersecurity mandates, particularly among their executive peers. Eliminating unnecessary risks and addressing these discrepancies are essential to avoiding a double standard in cybersecurity practices across the workforce.