New CIO Magazine Poll: Chief Information Officers Speak Out After September 11th Attacks
FRAMINGHAM, MA – NOVEMBER 12, 2001 – A CIO KnowPulse Poll® of 170 chief information officers (CIOs) reveals the majority (67%) of CIOs are "not very confident" or "not at all confident" that law enforcement will provide their companies with sufficient advance warning of a threat to computer systems. Twenty-seven percent (27%) are somewhat confident with only 2% very confident and 2% extremely confident.
"The horrific events of September 11th came without warning," says Abbie Lundberg, editor in chief of CIO magazine. "The fact is, our computer systems support a lot of critical services "finance, transportation, power" and they'revulnerable. CIOs and business leaders should not wait for specific threats before taking all possible actions to secure their systems and protect against cyberterrorism. They need to act now."
CIO KnowPulse Poll® results indicate a few CIOs are not taking such action against cyberterrorism. While nearly half (49%) of CIOs have had additional responsibility and/or accountability for security infrastructure placed on them since September 11th, more than one-third (39%) still do not have cybersecurity experts on staff or contracted.
Also of note:
· Just under half (47%) will increase the company's budget for information security following September 11th;
· Sixteen percent (16%) never require employees to change their passwords granting network access;
· Five percent (5%) only conduct anti-virus updates in reaction to appearance of new viruses;
· Four percent (4%) say information security does not rank in the top five major concerns of the CIO position.
As for national security, CIOs are split in their confidence level regarding the technologies, plans and procedures currently in place to protect the nation's critical infrastructure. Following speculation that the next terrorist assault on the United States could be a cyberattack, just over half (54%) of CIOs are extremely, very or somewhat confident in the U.S.'s ability to protect critical infrastructures. The remainder are not very confident (32%) or not at all confident (13%). However, CIOs are willing to give up some privacy in their personal use of the Internet in exchange for enhanced national security. A significant majority (70%) say they're willing to surrender additional privacy following the events of September 11th, with 28% saying they are not willing to sacrifice privacy.
Despite the negative impact of recent events on an already slowing economy, CIOs express confidence in business prospects for the year 2002. The majority (76%) are somewhat, very or extremely confident about business prospects for the coming year, with 21% not very confident and 4% not at all confident.
"CIOs are doing their best to heed the messages of our nation's leaders and carry on with regular business," says Lundberg. "Their confidence in 2002 business prospects reflects this notion."
IDG's CIO magazine deployed the poll October 15, 2001, approximately five weeks after the September 11th terrorist attacks on the United States, at the CIO Perspectives Conference in Rancho Mirage, CA. Following the conference, CIO magazine invited a select group of CIO readers (CIOs and business executives) to answer the same CIO KnowPulse Poll® online between Monday, October 29th and Monday, November 5, 2001. The number of respondents from the conference (87) and the online poll (83) bring the total number of respondents to 170 CIOs and business executives who represent the opinions of the most tech-savvy leaders in the world. In addition to the cyberterrorism threats and preparation, the poll also covers CIO opinion on disaster recovery timeline estimates, as well as the predicted effectiveness of newly appointed national leaders Richard Clarke and Tom Ridge.
Complete Poll Results:
1.) Following 9/11/01, has your company placed additional responsibility and/or accountability for security infrastructure on the CIO?
6% Don't know/unsure
2.) Following 9/11/01, what is your comfort level with flying?
42% Less comfortable
7% More comfortable
0% Don't know/unsure
3.) President Bush appointed Richard Clarke national advisor for cyberspace security. How effective do you think this appointment will be in securing the nation's information systems?
2% Extremely effective
7% Very effective
49% Somewhat effective
20% Not very effective
4% Not at all effective
18% Don't know/unsure
4.) President Bush appointed Tom Ridge to US director of homeland security. How effective do you think this appointment will be in securing the nation's information systems?
3% Extremely effective
14% Very effective
58% Somewhat effective
14% Not very effective
4% Not at all effective
8% Don't know/unsure
5.) Are each of the following devoting enough time and human resources to protecting the nation's security?
a) US government:
19% Don't know/unsure
b) Industry in the US: