Report by Chartered Institute of Information Security
Where does the buck stop with security regulation?
5 FINDINGSPublished Aug 19, 2025
View Original Report →Key Findings
91% of the security profession believe ultimate responsibility for security lies with the board.
Chartered Institute of Information SecurityWhere does the buck stop with security regulation? ·Aug 19, 2025
Responsibility
Only 31% believe ultimate responsibility for security lies with security managers or CISOs.
Chartered Institute of Information SecurityWhere does the buck stop with security regulation? ·Aug 19, 2025
Responsibility
69% of security professionals think current laws are still not strict enough.
Chartered Institute of Information SecurityWhere does the buck stop with security regulation? ·Aug 19, 2025
RegulationLaws
56% say senior management should face consequences such as sanctions, prosecutions, or fines for serious cyber incidents.
Chartered Institute of Information SecurityWhere does the buck stop with security regulation? ·Aug 19, 2025
Responsibility
Only 34% believe the specific employee who breached policy should be held responsible for serious cyber incidents.
Chartered Institute of Information SecurityWhere does the buck stop with security regulation? ·Aug 19, 2025
Responsibility