Skip to main content

CISOs believe data breach experience makes them more employable

(Image credit: Shutterstock)

Over half of CISOs believe that experiencing a data breach makes them more attractive to potential employers according to a new survey from Optiv Security.

To compile its new “State of the CISO” report, the firm surveyed 200 CISOs and senior security personnel with equivalent responsibilities from both the US and the UK.

Optiv's survey revealed a fundamental change in how senior executives and board members perceive cybersecurity with the fact that 58 percent of respondents said that experiencing a data breach makes them more desirable to potential employers being the most surprising.

This idea stands in stark contrast with the way things were just a few years ago when a data breach was often considered a fireable offense for CISOs.

Changing attitudes towards cybersecurity

Optiv's report also shows that attitudes towards cybersecurity are changing with 96 percent of those surveyed either slightly or strongly agreeing that senior executives have a better understanding of cybersecurity than they did five years ago.

The firm also found that 67 percent of businesses now prioritize cybersecurity above all other business considerations as cyberattacks have become more frequent and also more severe. Cybersecurity risk has also become important enough that 76 percent of those surveyed believe that CISOs will soon begin to be named as CEOs.

Optiv discovered that a significant amount of CISO are not following best practices when it comes to cybersecurity. For instance, more than half (54%) of US CISOs and 44 percent of UK CISOs indicated that they practice their incident response plans once a year or less when industry best practices call for more frequent incident response tests and practice.

Of all the CISO surveyed by Optiv, 88 percent agreed that it would be a good idea to have a global treaty in place on cybersecurity, similar to the Geneva Convention, where countries agree to a set of principals governing their online conduct.