Proofpoint’s 2024 Voice of the CISO report reveals a growing optimism towards AI-powered solutions, however the threat of ransomware remains with more than half of CISOs admitting they would pay a ransom

The 2024 report draws attention to a notable trend: while fears of cyber-attacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape in the last year. In 2024, 61% of Australian CISOs surveyed feel at risk of experiencing a material cyber attack in the next 12 months, compared to 53% in 2023. However, just 40% feel their organisation is unprepared to cope with a targeted cyber attack, compared to 56% in 2023 and 77% in 2022.

This may be due to the growing optimism in the role of AI-powered solutions to mitigate human-centric risks. As 51% of Australian CISOs surveyed believe that generative AI poses a security risk to their organisation, a vast majority are turning to the technology to help fight back. The research reveals 86% of Australian CISOs are turning to AI-powered technology to protect against human error and block advanced human-centric cyber threats reflecting a strategic pivot towards technology-driven defences. Human error continues to be perceived as the Achilles' heel of cybersecurity, with more than two-thirds (69%) of Australian CISOs identifying it as the most significant vulnerability. In a year of growing insider threats and people-driven data loss, more CISOs than ever (78%) see human risk, in particular negligent employees as a key cybersecurity concern over the next two years.

“While the cybersecurity landscape continues to evolve with increasing human-centric threats, the 2024 Voice of the CISO report highlights what appears to be a pivotal shift towards greater resilience, preparedness and confidence among global CISOs,” said Patrick Joyce, global resident CISO at Proofpoint. “This year’s findings underscore a collective move towards strategic defences, including enhanced education, technological adoption, and an adaptive approach to emerging threats like generative AI.”

However, despite an increased confidence in security capabilities, 54% of Australian CISOs believe their organisation would still pay to restore systems and prevent data release if attacked by ransomware in the next 12 months. The vast majority of CISOs (80%) said they would rely on cyber insurance claims to recover potential losses incurred, compared to 53% in 2023.

Jennifer Cheng, Director of Product Marketing at Proofpoint for Asia Pacific commented, “Mandatory ransomware reporting was introduced by the Australian government as part of their new cyber security strategy last year in a bid to combat attacks. Ransomware costs up to $3 billion in damages to the Australian economy every year and while it’s encouraging to see a general improvement in preparedness from organisations, the devastating impacts of these attacks should not be understated.”

Key Australian findings from Proofpoint’s 2024 Voice of the CISO report include:

“As we navigate through the complexities of today’s cyber threat environment, it’s encouraging to see CISOs gaining confidence in their strategies and tools,” commented Ryan Kalember, chief strategy officer at Proofpoint. “However, the ongoing challenges of employee turnover, pressure on resources, and the need for continuous board engagement remind us that vigilance and adaptation are key to our collective cyber resilience.”

The 2024 Voice of the CISO report examines global third-party survey responses from 1,600 CISOs from organisations of 1,000 employees or more across different industries. Throughout the course of Q1 2024, 100 CISOs were interviewed in each market across 16 countries: the U.S., Canada, the UK, France, Germany, Italy, Spain, Sweden, the Netherlands, UAE, KSA, Australia, Japan, Singapore, South Korea, and Brazil.

The report offers a vital perspective on the state of cybersecurity from those at the forefront of protecting people and defending data. The report also stresses the importance of maintaining robust cybersecurity measures in the face of economic pressures and the critical role of human factors in organisational cyber readiness. The survey also measures the changes in alignment between security leaders and their boards of directors, exploring how their relationship impacts security priorities.

To download the 2024 Voice of the CISO report, please visit: https://www.proofpoint.com/au/resources/white-papers/voice-of-the-ciso-report