Craig McDonald Apr 28, 2025 12:56:57 PM 5 MIN READ

Cybersecurity in the Boardroom: Delegation or Disengagement?

"96% of CEOs say cyber is critical. Only 15% talk about it at board meetings. That’s not negligence — it’s a leadership disconnect. One we must fix."

That was my first reaction when I read this Accenture Cyber-Resilient CEO Report.

And as a CEO, it also felt a little insulting. It suggests that 9 out of 10 CEOs don’t think cybersecurity is their problem. That feels like clickbait designed to grab attention — but not necessarily to reflect the complex reality of leadership in modern organisations.

Most CEOs do take cybersecurity seriously. But they also know they can’t be an expert in everything. They rely on specialists — their CIOs, CTOs, CISOs, CROs — to provide insight, make recommendations, and execute the company’s cybersecurity strategy.

Just as a CEO delegates financial oversight to a CFO or marketing leadership to a CMO, so too is it reasonable to delegate cybersecurity to the most qualified leaders within the business. That’s not abdication. It’s delegation — and it’s smart. It’s how fast-moving companies win.


Delegation ≠ Disengagement

Delegation is a skill. The best CEOs pride themselves on their ability to lead without micromanaging. They ask smart questions. They listen to the right advisors. They allocate resources where they’re needed most. And they ensure their business remains agile, responsive, and resilient.

But cybersecurity isn’t just another item on the agenda. It’s now a core business risk — one that can impact brand reputation, shareholder value, customer trust, and long-term growth.

So, while CEOs may not be running penetration tests or reviewing firewall rules, they still have a responsibility to lead the conversation.

That’s why I’d encourage CEOs, founders, and directors to ask themselves:

  • Is cybersecurity a regular agenda item at your board meetings?
  • How frequently do your board and ELT (Executive Leadership Team) discuss cybersecurity?
  • Do you have cybersecurity leadership expertise on your board and ELT?
  • As CEO, how involved are you in cybersecurity risk assessment and readiness planning?

These are not just IT questions. They are business questions. Strategic questions. Risk and resilience questions.

The Disconnect Is Real — But It’s Fixable

I was surprised to read that only 8% of U.S. corporate boards had cybersecurity expertise as of 2021. That’s a staggering gap for such a high-risk domain.

Accenture’s report highlights a worrying disconnect between perception and practice: most CEOs acknowledge the threat — but many aren’t regularly engaging in meaningful conversations about it at board level.

That’s something we, as business leaders, can change. And as expert advisors to these business leaders, partners must also challenge clients and encourage the right conversations.

It starts by treating cybersecurity the same way we treat financial audits or operational planning — as a boardroom priority.

Because when leadership sets the tone from the top, it sends a powerful message: Cyber resilience is fundamental to business survival and success.

💬 I’d love to hear your thoughts:

How involved are your clients' leadership teams in cybersecurity planning? Are they asking the right questions at the right level?

Share your thoughts and experience in the comments on my original article here on LinkedIn — and let’s keep the conversation going.

Keeping Businesses Safe and Secure

Prevention is always better than a cure, and one of the best defences is to encourage businesses to proactively boost their company’s cyber resilience levels to avoid threats landing in inboxes in the first place. The fact that a staggering 94% of malware attacks are delivered by email makes email an extremely important vector for businesses to fortify.

No one vendor can stop all email threats, so it’s crucial to remind customers that if they are using Microsoft 365 or Google Workspace, they should also have a third-party email security specialist in place to mitigate their risk, for example a specialist third-party cloud email solution like MailGuard.

For a few dollars per staff member per month, businesses are protected by MailGuard's specialist, zero zero-day email security. Special Ops for when speed matters! Our real-time, zero zero-day email threat detection amplifies your client’s intelligence, knowledge, security and defence.

MailGuard provides a range of solutions to keep businesses safe, from email filtering to email continuity and archiving solutions. Speak to your clients today to ensure they’re prepared and get in touch with our team to discuss fortifying your client’s cyber resilience.

Talk to us

MailGuard's partner blog is a forum to share information; we want it to be a dialogue. Reach out to us and tell us what your customers need so we can serve you better. You can connect with us on social media or call us and speak to one of our consultants.

Australian partners, please call us on 1300 30 65 10

US partners call 1888 848 2822

UK partners call 0 800 404 8993

 
