Cyberattacks are only getting worse for business, so what are CISOs doing about it?
Firms don't have confidence in defending against ransomware, and many end up paying out
Cyberattacks have been hitting businesses hard, with a massive 90% of CISOs claiming their company was a victim of such an incident within the last year.
When it come to ransomware attacks specifically, 83% of CISOs surveyed in Splunk's new report said they had paid out, with more than half paying over $100,000.
They also fear the rise of generative AI, believing that the advantage will be given to attackers. However, many are experimenting with such tools in their cyber defenses, with 93% using automation either moderately or extensively in their processes.
C-suite and collaboration
However, another problem that is presenting itself is so-called "tool sprawl", which is "likely compounding existing visibility issues," according to Splunk. 88% of CISOs want to use solutions like security orchestration, automation and response (SOAR) and security information and event management (SIEM) to prevent this sprawl.
By using solutions like these, they hope to limit the amount of tools they need and make the defense simpler by employing automation.
Nearly half of the CISOs surveyed also claim they are now reporting directly to their CEO, with CISOs being more responsible for guiding cybersecurity strategies. They are regular participants in board meetings across all industries too. 90% of CISOs also said that their board cares more about cybersecurity than it did two years ago.
As a result, a further 93% of CISOs expect their cybersecurity budget to increase over the next year, even while 83% foresee cuts in other parts of the organization. 80% of CISOs also claim that their organization has faced more threats as the economy has declined.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Greater collaboration across the company has also occurred, with 92% of CISOs saying that cybersecurity collaboration has increased either moderately or significantly between teams, thanks to digital transformation programs and cloud native deployment.
77% said that there has been collaboration between IT and development teams to find the root causes of incidents, although 42% did say there was room for improvement on outcomes.
Splunk CISO Jason Lee commented that, "the C-Suite and board of directors are increasingly relying on CISOs for guidance across a sophisticated threat landscape and changing market conditions," adding, "these relationships provide CISOs the opportunity to become champions who strengthen an organization's security culture and lead teams to become more cross-collaborative and resilient."
"By communicating key security metrics, CISOs can also guide boards on adopting emerging technologies, such as generative AI, to help improve cyber defense management and prepare for the future."
MORE FROM TECHRADAR PRO
Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. His area of expertise lies in computer peripherals and audio hardware, having spent over a decade exploring the murky depths of both PC building and music production. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.