Survey: Majority of Non-Executive IT Security Professionals Unable to Communicate Effectively with Senior Executives

PORTLAND, OREGON May 23, 2013 Tripwire, Inc., a global provider of IT security solutions, today announced the results of a survey of 131 information security professionals that revealed key differences between the way executive and non-executive IT professionals communicate with senior leadership. The online survey was conducted this year between January and March by Hanover Research

Key survey findings include:

  • Only 38% of non-executive respondents use business-oriented language when communicating with senior executives
  • 48% of non-executive respondents believe it is somewhat or very difficult to discuss information security with senior management
  • 78% of executive respondents and 85% of non-executive respondents ranked risk management as the highest among key issues they need to communicate with executive leadership about

“Information security risk is getting a lot of attention due to high-profile incidents and increasing pressure from the SEC, but the good news is this means critical security and risk conversations are occurring at very senior levels in the organization,” said Dwayne Melancon, chief technology officer for Tripwire. “The bad news is most IT security professionals haven’t developed the necessary skills to communicate effectively with non-technical executives.”

Melancon continued: “IT security professionals tend to focus on granular, technical information, but senior leadership wants to focus on how security can protect business goals like revenue growth, profit, competitive agility and customer satisfaction. This ability to communicate the value of information security in terms easily understood by the rest of the business is a critical skill for career success in IT security. Connecting security to the business is destined to become the new normal.”

For more information about the survey please visit:

About Tripwire, Inc.

Tripwire is a leading global provider of risk-based security and compliance management solutions, enabling enterprises, government agencies and service providers to effectively connect security to their business. Tripwire provides the broadest set of foundational security controls including security configuration management, vulnerability management, file integrity monitoring, log and event management. Tripwire solutions deliver unprecedented visibility, business context and security business intelligence allowing extended enterprises to protect sensitive data from breaches, vulnerabilities, and threats. Learn more at or follow us @TripwireInc on Twitter.