A substantial 90% of chief information security officers reported suffering at least one disruptive attack in their organisation over the last year, with 34% reporting a couple of attacks and 13% admitting they suffered several attacks, according to the 2023 CISO report by cybersecurity and observability provider Splunk. Of the surveyed CISOs, 83% paid attackers in the wake of a ransomware attack.
The job of a CISO isn’t the same anymore, with 86% saying their role has changed so much that it is almost a different job. The report also noted that 86% of CISOs believed that generative artificial intelligence will alleviate skills gaps and talent shortages on the security team, filling labour-intensive and time-consuming security functions, and freeing up security professionals to be more strategic.
The study surveyed more than 350 senior security executives from 17 industries across the globe, revealing issues consuming their attention and the emerging trends, threats, and strategies.
Defending Against Threat Landscape
CISOs Paying Ransomware Demands: Several industries experienced ransomware attacks that impacted their systems and business operations in the last year, including financial services (59%), retail (59%), and healthcare (52%). Eighty-three percent of organisations paid the attackers in the case of a ransomware attack, and more than half paid at least $100,000.
CISOs Trying To Stay Ahead Of Generative AI: A majority of the CISOs (70%) believed that generative AI benefits attackers more than defenders, yet 35% are experimenting with it for cyber defence, including malware analysis, workflow automation, and risk scoring. CISOs in healthcare (88%), manufacturing (76%), and financial services (72%) expressed the most fear that generative AI would give either a strong or slight advantage to adversaries. In financial services, 51% of CISOs said they planned to implement specific cybersecurity controls to mitigate AI security risks.
Reining In Tools Will Close Visibility Gaps: CISOs overwhelmingly said that tool sprawl is a major concern, compounding existing visibility issues. Most CISOs (88%) said they see a need to rein in security analysis and operations tools with solutions like security orchestration, automation and response, security information and event management, and threat intelligence.
Organisations Prioritising Cybersecurity
CISOs Are Now In C-Suite: In 47% of the organisations surveyed, CISOs are now reporting to the CEO, and boards are increasingly looking to them to guide cybersecurity strategy. CISOs across industries, including technology (100%), government (100%), communications and media (94%), healthcare (88%) and manufacturing (86%), reported regular participation in board meetings.
Boards Prioritising Security Funding: Of the respondents, 93% expected an increase in their cybersecurity budget over the next year, yet 83% see cuts in other parts of their organisation. Economic challenges are impacting security, with 80% saying their organisation has faced a growing number of threats coinciding with the declining economy.
Cross-Functional Cybersecurity Collaboration Critical: Of the CISOs surveyed, 92% reported either a significant or moderate increase in cybersecurity collaboration between security teams, IT and engineering organisations. Seventy-seven percent indicated collaboration with IT and development teams on incident root cause analysis and resolution was good, while 42% found scope for improvement. CISOs agreed that strategic collaboration will be vital to gain visibility and ensure resilience throughout the organisation.
“The C-Suite and board of directors are increasingly relying on CISOs for guidance across a sophisticated threat landscape and changing market conditions,” said Jason Lee, CISO at Splunk. “These relationships provide CISOs the opportunity to become champions, who strengthen an organisation’s security culture and lead teams to become more cross-collaborative and resilient,” Lee said. Bloomberg