A survey of 612 Chief Information Security Officers suggests CISOs have a tough road ahead in an ongoing climate of high-profile data breaches.
The survey, sponsored by Opus and conducted by Ponemon Institute, shows 67% of CISOs and Chief Information Officers (CIOs) believe their companies will likely fall victim to a cyberattack or data breach in 2018. And 60% are concerned that a partner or vendor will be to blame.
The most threatening factors named by CISOs, in this order, are:
As readers may have already noticed, the first three bullet points actually represent the same factor: human error. Many other studies also point to the same key factors (in a similar order of importance) as responsible for most data breaches and cyberattacks.
And CISOs should know. Starting this year, their job depends on jumping over these hurdles. 45% of them fear job loss in the event of a data breach this year, and 69% anticipate their roles will be even more stressful.
The survey results don’t mention the EU General Data Protection Regulation, but the GDPR is likely a key reason behind these concerns. Starting May 25, when the new regulation goes into effect, the GDPR will compel data processing companies to protect that data, or else.
Money could be another reason. According to the same poll, less than half of CISOs believe their IT security budgets will increase – a finding that constantly crops up in such studies since 2016.
"It's not an easy time to be a CISO – there's a lot of pain obvious in these survey results,” said Dr. Larry Ponemon, Chairman of Ponemon Institute. “Data breaches and cyberattacks continue to plague organizations and the responsibility of protecting sensitive data stops with the CISO. It's critical that companies support CISOs and reduce risk by implementing standard processes, including policy review and documentation, senior leadership and board member oversight, as well as other safeguards to reduce their vulnerability."
It's not all bad news, though. Looking ahead, more than a third of respondents say they “see a path” to a stronger cybersecurity culture, and half say their boards are starting to get more involved in IT security.
tags
Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.
View all postsDon’t miss out on exclusive content and exciting announcements!