It’s 2023, and still a surfeit of organizations lack modern-day cybersecurity. Whether it’s due to lack of cyber awareness, low risk comprehension, resource or budget limitations, or simply priorities heavier than the weight of potential cyber attacks’ impacts, proper security measures aren’t as prevalent as they should be. And on the widest macro scale, it’s hard to pinpoint just one or two reasons as to why.
So, let’s narrow it down; in today’s case, we’ll cover Chief Information Security Officers (or CISOs), specifically.
Recently, cybersecurity company Trellix revealed its "The Mind of the CISO" research at the 2023 RSA Conference, offering insights into the challenges faced by global Chief Information Security Officers (CISOs) across myriad industries. The study, conducted by Vanson Bourne, surveyed more than 500 CISOs from companies with at least 1,000 employees in nine countries.
First, a bit on Trellix and why this research is significant: Trellix is known for delivering Extended Detection and Response (XDR) cyber approaches. XDR’s long-story-short is that it enhances organizations’ security postures via integration with top security tools to provide a truly comprehensive view of a threat landscape. XDR’s benefits include data gathered from endpoints, networks, emails and elsewhere (in order to paint a full picture of visibility regarding threat detection and quicker responses and mitigation), as well as simplified security operations, a minimization of alert fatigue, faster incident results via context-rich security info, and overall increased ROI. And Trellix specifically keeps organizations safe with a living XDR platform for more easily managing these security must-haves, given (again, in regard to our modern age) sophisticated threats are evolving.
And so must XDR.
So, it makes sense why Trellix has offered its “The Mind of the CISO” industry-spanning insights.
Bryan Palma, CEO of Trellix, stated, “Our research shows CISOs are motivated by a mission to protect. Yet, CISOs tell us they feel unsupported, unheard, and invisible.” Palma, a former CISO himself, emphasized the need to revolutionize SecOps strategies, especially in light of AI being utilized by actors both good and bad.
At a glance, the research identified several pain points for CISOs:
Insufficient support: A staggering 96% of CISOs struggle to obtain executive board support for essential resources, while 48% believe cybersecurity challenges would be easier to tackle if all employees were more aware of the issues. One-third of the CISOs also cited a shortage of skilled talent on their teams as a significant challenge.
High pressure: 86% of CISOs have managed a major cybersecurity incident at least once, with 40% having done so multiple times. Moreover, 72% of respondents feel fully (or at least mostly) accountable for such incidents, leading to 43% experiencing major attrition within their SecOps teams.
Too many ineffective solutions: Organizations reported using an estimated average of 25 individual security solutions, with 30% of CISOs indicating that the sheer plethora of technology (without a single source of truth) is a major obstacle.
Overall, the need for the right solutions: 94% of CISOs agreed that having the appropriate tools would save them significant time, and 44% expressed a desire for a single integrated enterprise tool to optimize security investments.
Trellix’s research highlights the urgent need to empower CISOs with the resources, support, and tools required to effectively combat cybersecurity threats.
Read more from Trellix
here.
Edited by
Greg Tavarez
