Majority of CISOs believe security breaches are inevitable
According to research from Kaspersky Lab, 86 percent of CISOs believe that breaches are inevitable, but too many are stuck in a vicious circle of risk.
Financially motivated criminal gangs (40 percent) and malicious insider attacks (29 percent) are the biggest risks to their businesses, and these are the threats that are extremely difficult to prevent, either because they are launched by 'professional' cybercriminals or because they are assisted by employees who are expected to be on the right side.
More than half (56 percent) of CISOs are expecting their budgets to increase in the future, though 38 percent of respondents expect budgets to remain the same. However, it's almost impossible for CISOs to offer clear return on investment, or total protection from cyberattacks. More than a third say they can't secure their required IT security budgets because they can't guarantee there won't be a breach.
This is despite the fact that the consequences of an attack are well understood, with reputational (28 percent) and financial (25 percent) damage seen as the most critical results of a cyberattack.
There's a lack of representation at senior level too, with only 26 percent of the IT security leaders surveyed being at board level.
Maxim Frolov, VP of global sales, at Kaspersky Lab, says:
Historically, cybersecurity budgets were perceived as a low priority IT spend, but this is no longer the case. The attack surface of modern businesses is growing, and so too is the frequency and impact of cyberthreats and the cost of cyber incidents. The result is that more and more C-Level executives are now treating IT security as an investment.
Today, cybersecurity risks are top of the agenda for CEOs, CFOs and Risk Officers. In fact, a cybersecurity budget is not just a way to prevent breaches and the disastrous risks associated with them -- it's a way to protect business continuity, as well as a company’s core profile investments.
You can read more about the findings on the Kaspersky Lab site.