A Question Of Mindset – Bringing Cybersecurity To The Boardroom

by | May 5, 2021 | CEO Blog, Thought leadership

Cybersecurity can present an existential threat to any organisation that becomes the victim of an attack, yet too many leadership teams don’t know how to assess the risks they face, build a business-focused strategy or understand how to determine the right levels of security investment.

Let’s be clear, this isn’t about general levels of awareness – there can be very few leadership teams who by now don’t understand the importance of securing their IT networks, files and data from the varied and growing risks they face. Yet, as we also know, the number of attacks is growing all the time and the headlines about devastating security breaches continue to appear.

Take this worrying revelation from the leading industry site, Computer Weekly, for example: “. . . authorities have warned network administrators that US Websites and email servers might come under increased attack from Chinese hackers next week.” This is certainly worthy of attention, but it’s also very telling when you realise this quote is actually almost exactly twenty years old, having been published on the site in April 2001.

So, how do we account for the lack of urgency still given to cybersecurity across many of today’s boardrooms two decades later? Without doubt, one of the main reasons is around leadership mindset. For example, many business leaders still pigeonhole cybersecurity as purely an IT ‘problem’. To an extent, that’s understandable given the complex nature of the issues and the role of technology in protecting businesses from risk and attack. But the problem with this approach is that leaders don’t feel willing or able to engage with the issues at stake, with the risk that they aren’t in a position to set the tone for their strategic cybersecurity posture.

In many other boardrooms, the dominant perspectives are equally concerning. Yes, these leaders will accept the general need to invest in a cybersecurity strategy, but don’t give it sufficient focus because they don’t see themselves in immediate danger. This can mean that investment decisions – some of which are vital – are kicked down the road in favour of different, non-cybersecurity priorities.

Other leaders are primarily focused on the need for the investment decisions they make to deliver a definitive financial return. The problem here is that one of the most tangible demonstrations of a successful cybersecurity investment is that things don’t happen – systems, documents, users and data remain out of reach to bad actors, which is exactly what we should all be focused on. For many leaders, however, that doesn’t deliver measurable RoI, so it’s not an investment priority.

Whichever way you look at it, this ‘corporate procrastination’ is a dangerous strategy to rely on. Instead, business leaders need to focus their attention on understanding the nature of risk and the impact a successful cybersecurity attack can have on their ability to operate normally, on their levels of compliance, their reputation – even their outlook to remain in business at all.

Instead, leaders should see their role in the cybersecurity decision-making process in a different light, adopting a mindset where they engage with the issues, the risks, and seek out advice that can better inform their decision making. In doing so they put themselves in a much stronger position to focus time and investment into keeping their organisations safe, viewing cybersecurity as delivering a range of benefits that are as important as any other issues that reach the boardroom agenda.

This doesn’t require leaders to become technology experts, to step outside of their core competencies or to do someone else’s job for them. Instead, it means that they take a proactive perspective on their role in delivering cybersecurity to build an approach where money spent on minimising the risk of breaches and attack is seen as a valuable investment, rather than an inconvenient overhead.


What are file-based threats?

What is zero-trust file protection?

How does Glasswall CDR work?

Picture of a knight mask with swords to illustrate our battle for being the market leader in CDR

Glasswall vs Competitors

Why Glasswall CDR?

Learn about the simple way to protect against sophisticated file-based threats.

All resources



Case Studies

Use Cases




Product help



Contact us


strategic alliances

About our Partner Program

Our Partners

Become a Partner

Glasswall partner program

Bringing File-based threat protection to your customers

Offer a richer security portfolio with the most agile CDR platform on the market. Stand out from the competition with a partner program built for you. Let’s make files safer together.

About Glasswall

Our People




Contact Us

support lines


Raising the bar on file security

We believe people should be free to open their files without fear. To click on anything without risk of catastrophe. To use systems the way they were meant to be used. That’s why we’re raising the bar on file security at Glasswall.