Email security shouldn’t be something on the agenda for next month, next quarter or next year. Email security is something executives should have been investing in yesterday – and the longer they delay, the greater the risk.

Let’s look at the numbers: More than 80 percent of IT security managers agree that email is a major attack channel today. But, nearly just as many aren’t confident in their current email security and don’t think they could stand up to a future attack.

In other words, a majority of IT security professionals agree that email-based attacks are major threats, but are completely lacking in the equipment or the confidence to tackle them. Does this sound like a good business strategy?

The attitude that many C-suite executives approach the issue with is especially troubling. Nearly all IT managers want their C-suite to take an interest in email security, but the reality is that almost half of executives range from only somewhat engaged on it to being completely checked out.

It’s 2016. It’s irresponsible for executives – from the CEO to the CTO to the CISO and everyone in between – to take an apathetic attitude toward email security. Particularly when their own IT security managers are telling them the threat is real and they’re not ready to defend against those attacks.

As a CEO myself, I know full well the pain points of adopting new technology and new security solutions into a pre-existing infrastructure – both the logistics and the costs that have to go into the effort. But, I also know the pain points that lead many companies to upgrade their email security in the first place: a spear-phishing email, a whaling attack, a bad link, a malicious attachment… Basically, anything that triggers a data breach and puts your organization at the top of Google News for all the wrong reasons. I know because I talk to these companies all the time.

So, consider this a call to arms.

The numbers are in: Email attacks are a major vulnerability to your company, any company, and they’re becoming increasingly sophisticated. Your security managers are telling you what you need – the tools and, yes, the funds – to best reduce your vulnerability. Listen to them. Talk with them. Get out ahead of the curve and stay a step ahead of the threats. Don’t be somebody else’s cautionary tale.