To say 2020 was the year of security challenges is an understatement – and for CISOs, the pressure in facing these challenges has only increased. Everything from security strategy, boardroom conversations, and the viability of working remotely requires a new playbook. I’ve had numerous conversations with other CISOs regarding navigating the landscape, and the questions raised shared similar concerns: Was the work-from-home transition as seamless as we’ve been led to believe? How are we navigating hybrid work and executive needs? Are we more or are we less secure today?
To see if there are trending global issues, our Proofpoint team decided to pose questions to CISOs to get their take on our “new normal” and the likely path forward. In our inaugural 2021 Voice of the CISO Report, we capture insights from 1,400 security leaders from around the world. The survey results present some interesting findings.
First, the good news. CISOs feel adequately prioritized from a budget standpoint. For the most part, companies clearly value security in terms of network uptime and reputational risk. The majority of global CISOs expect budgets to increase by at least 11 percent in the next two years. Sixty-five percent believe they will be better able to resist and recover from cyberattacks by 2022/23.
There is another side to the coin, though. Even though CISOs feel valued within the organization, creating a sense of urgency and priority amongst employees around security training and awareness remains a challenge. This leads to 66% of CISOs not believing their organization is prepared to cope with an attack.
Working from anywhere has only added to CISO concerns as the new remote reality hampers their ability to keep organizations safe, and most CISOs admit that company attacks increased during the COVID pandemic. Compounding these headaches is the frequency with which employees put themselves at risk by thinking they are doing the right thing. When you consider more than 90 percent of company breaches require human interaction to launch an attack, CISO anxiety is understandable.
We also learn from the report that where a CISO physically works can increase their stress. For instance, the percentage of CISOs in agreement their company is at risk of a “material cyberattack” in the next 12 months seems to be significantly higher in places like the U.K and Germany. Canada and Singapore fare better.
The report makes clear that CISOs around the world are encountering a range of old and new pressures as we navigate our way thru the new normal with working from anywhere leading the list of concerns.
To view the complete 2021 Voice of the CISO Report, visit: https://www.proofpoint.com/us/resources/white-papers/voice-of-the-ciso-report