Board members and IT managers are split over who is in charge in the event of a cyber-attack, according to new research which concludes it shows a “lack” of communication between the two groups.

IT managers believe boardroom members are responsible, while the C-suite views the IT chiefs as in charge.

The disparity is revealed in a survey from BAE Systems, which looked at attitudes to cybersecurity among 1,200 boardroom members and IT managers at Fortune 500 companies.

BAE’s report concluded: “Close examination of the responses to our survey suggested that, while these two groups agree on many things, they often do so from very different perspectives, symptomatic of a lack of clear communication and agreed basic information shared between executives and IT leaders.”

There was also a difference over how the two groups view the cost of a successful cyber-attack. Executives estimated an average cost of $11.6m, while IT professionals pitched it much higher at $19.2m.

Meanwhile, 82% of IT leaders saw spending as part of a comprehensive cybersecurity strategy, a figure at odds with the 50% of board members who held the same view.