Express Computer
Home  »  News  »  CISO Research Reveals 90% of Organisations Suffered at Least One Major Cyber Attack in the Last Year; 83% Report Ransomware Payments

CISO Research Reveals 90% of Organisations Suffered at Least One Major Cyber Attack in the Last Year; 83% Report Ransomware Payments

0 116

Splunk has released its 2023 CISO Report, a new global research report detailing emerging trends, threats and strategies for today’s Chief Information Security Officers (CISOs), Chief Security Officers (CSOs) and other qualified security leader equivalents.

“The C-Suite and board of directors are increasingly relying on CISOs for guidance across a sophisticated threat landscape and changing market conditions,” said Jason Lee, CISO, Splunk. “These relationships provide CISOs the opportunity to become champions who strengthen an organisation’s security culture and lead teams to become more cross-collaborative and resilient. By communicating key security metrics, CISOs can also guide boards on adopting emerging technologies, such as generative AI, to help improve cyber defence management and prepare for the future.”

Notably, 86% of surveyed CISOs believe generative AI will alleviate skills gaps and talent shortages on the security team, filling labour-intensive and time-consuming security functions and freeing up security professionals to be more strategic. Thirty-five percent report using generative AI for positive security applications and an additional 61% will likely use it within the next 12 months. Additional key findings from the research include:

CISOs Defend Against the Threat Landscape

CISOs pay ransomware demands. Ninety percent of respondents reported their organisation experienced at least one disruptive cyber-attack last year. Numerous industries experienced ransomware attacks that significantly impacted their systems and business operations, including financial services (59%), retail (59%) and healthcare (52%). Eighty-three percent of organisations paid the attackers in the wake of a ransomware attack, and more than half paid at least $100,000. The retail industry is the most likely to pay the ransom, with 95% of respondents reporting they either paid directly, through cyber insurance or a third party.

CISOs are trying to stay ahead of generative AI. The majority of CISOs (70%) surveyed believe generative AI could give cyber adversaries more opportunities to commit attacks, yet 35% are already experimenting with it for cyber defence including malware analysis, workflow automation and risk scoring. CISOs in healthcare (88%), manufacturing (76%) and financial services (72%) express the most fear that generative AI would give either a strong or slight advantage to cyber adversaries. Fifty-one percent of CISOs in financial services say they planned to implement specific cybersecurity controls to mitigate AI security risks. Ninety-three percent of CISOs have extensively or moderately implemented automation into their processes.

Reining in tools will close visibility gaps. CISOs overwhelmingly responded that tool sprawl is a major concern, likely compounding existing visibility issues. The vast majority (88%) say they see a need to rein in security analysis and operations tools with solutions like security orchestration, automation and response (SOAR), security information and event management (SIEM) and threat intelligence. CISOs are looking to decrease the number of tools they use and simplify processes with automation.

Organisations Prioritise Cybersecurity

CISOs are now in the C-Suite. In 47% of organisations surveyed, the CISOs are now reporting directly to the CEO, indicating a closer relationship with the C-Suite and their respective governing boards. Boards of directors are increasingly looking to CISOs to guide cybersecurity strategy, offering an opportunity for CISOs to articulate value and fill in communication gaps. Numerous CISOs across many industries report regular participation in board meetings, including technology (100%), government (100%), communications and media (94%), healthcare (88%) and manufacturing (86%). Ninety percent of CISOs say their governing board cares more about different KPIs and security metrics today than it did two years ago. The top three CISO metrics for success are: results of security testing, the ROI of security investments, and the ability to purchase cyber insurance.

Boards prioritise security funding. Ninety-three percent of respondent CISOs expect an increase in their cybersecurity budget over the next year, yet 83% see cuts in other parts of their organisation. Economic challenges are impacting security with 80% saying they have noticed their organisation has faced a growing number of threats coinciding with the declining economy.

Cross-functional collaboration will be critical for a lasting resilience strategy. Ninety-two percent of respondents report either a significant or moderate increase in cybersecurity collaboration between security teams, IT and engineering organisations, largely driven by initiatives like digital transformation, cloud native development and a greater emphasis on risk management. Seventy-seven percent indicate collaboration with IT and development teams on incident root cause analysis and resolution was good, while 42% said there is still room for improvement. CISOs agree that strategic collaboration will be vital to gain visibility and ensure resilience throughout the organisation.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image