Four out of five cybersecurity executives worldwide, including in Belgium, feel pressure from the boardroom to minimize cyber risks to the company.

A study by security specialist Trend Micro shows that when experts want to make it clear that IT poses a serious business risk, many managers do not take this seriously.

The main reason for downplaying the severity of a cyber risk is the fear of making incorrect recommendations. According to 43 percent of Belgian IT security managers, this appears to be a problem. Of those who also feel pressure from their management, 41 percent say they are perceived as overly negative. 33 percent are said to repeat themselves and whine. And 4 in 10 say they get rejected outright.

This indicates a major credibility gap. Companies are failing to bring cyber risks to the same level as other business risks.

Only half (50%) of respondents are confident that their leadership fully understands the cyber risks facing the organization – a number that has barely changed since 2021. More than a third (36%) of respondents say cybersecurity is still viewed as part of IT rather than a business risk.

Additionally, 39 percent believe that only a serious breach and media attention to that breach (38%) would prompt the board to take stronger action against cyber risks.