Articles about CISO

IT leaders are optimistic about the value AI can deliver, but readiness is low. Many organizations still lack the security, governance and alignment needed to deploy AI responsibly.

A new study by the Ponemon Institute for OpenText finds 57 percent of CIOs, CISOs, and other IT leaders rate AI adoption as a top priority, and 54 percent are confident they can demonstrate ROI from AI initiatives. However, 53 percent say it is ‘very difficult’ or ‘extremely difficult’ to reduce AI security and legal risks.

Continue reading →

As cyber threats become more frequent and complex, CISOs are increasingly concerned about their organization’s ability to withstand a material attack. 76 percent feel at risk of experiencing a material cyberattack in the next 12 months, yet 58 percent say they are unprepared to respond.

The latest Voice of the CISO report from Proofpoint surveyed 1,600 global CISOs across 16 countries and finds human behavior remains a critical vulnerability, with 92 percent attributing at least some data loss to departing employees.

Continue reading →

A new State of the Security Profession survey from The Chartered Institute of Information Security (CIISec) shows that 91 percent of the profession believe ultimate responsibility for cybersecurity lies with the board and not security managers or CISOs (just 31 percent).

The survey focused on regulation in the light of a wave of major regulations either recently passed or coming into force -- including the EU AI Act, DORA, NIS2 and the UK’s Data (Use and Access) Bill.

Continue reading →

While 79 percent of organizations are already using AI in production environments, only six percent have implemented a comprehensive, AI-native security strategy.

This is among the findings in the new AI Security Benchmark Report from SandboxAQ, based on a survey of more than 100 senior security leaders across the US and EU, which looks at concerns about the risks AI introduces, from model manipulation and data leakage to adversarial attacks and the misuse of non-human identities.

Continue reading →

The technology world is a fast moving one and keeping up with the latest trends can be difficult. Yet it's also essential if you're not to lose competitive edge or get caught out by new risks.

We spoke to Myke Lyons, CISO of data infrastructure company Cribl, to discuss what the priorities for cyber leaders should be and what things are likely to keep them awake at night.

Continue reading →

While the average total compensation for CISOs at large enterprises is $700K, those at $20B+ firms average $1.1M, with top earners exceeding $1.3M. These people are often managing $100M+ security budgets and teams of over 200 staff.

A new report from IANS Research along with Artico Search looks at data from more than 860 CISOs, including 406 at enterprises with $1B+ in annual revenue.

Continue reading →

A new survey of 200 chief information security officers (CISOs) from across diverse industries and regions finds that 49 percent of CISOs say buyers now factor application security (AppSec) into their purchasing decisions.

The study from Checkmarx shows 24 percent say that application security is 'always' a factor in those decisions. This trend is most pronounced in Europe, where 58 percent of respondents report that security is always a factor, compared to 33 percent in the Asia Pacific region and only eight percent in North America.

Continue reading →

Ransomware attacks are increasingly targeting organizations across industries, with the potential to cause devastating financial, operational, and reputational damage.

We spoke to James Eason, practice lead for cyber risk and compliance at Integrity360, to get his insights into how executive boards can effectively prepare for such incidents.

Continue reading →

The overall threat landscape facing organizations is expanding, yet many of the threats such as phishing remain the old favorites. What's more, AI is making them more effective by eliminating many of the old tell-tale signs.

With the evolving challenges and risks facing them, how can CISOs effectively network internally and externally to gather support of the broader team and build an appropriate security posture? We spoke to Robin Bell, CISO at Egress, to find out.

Continue reading →

New research from Darktrace finds that 78 percent of CISOs say that AI-powered threats are having a significant impact on their organizations, a five percent increase from 2024.

There's more confidence about dealing with them though, more than 60 percent now say that they are adequately prepared to defend against these threats, an increase of nearly 15 percent year-on-year.

Continue reading →

It's becoming common in the cybersecurity industry to encounter two situations that are equally untenable.

On the one hand, the job of a typical chief information security officer (CISO) has become overburdened with the high stress of constantly evolving risks, talent shortages, budget constraints, board disconnects and more, leading to burnout. On the other, many organizations, particularly small to midmarket ones, don't have the resources to afford a full-time security executive, despite facing the same cybersecurity and compliance challenges as everyone else.

Continue reading →

Following a number of high-profile cybersecurity incidents in 2014 CISOs are reassessing their organization's readiness to manage a potential chaos of a full-scale cyber crisis.

New data from Hack The Box shows many CISOs -- based on a sample of 200 across the UK and US -- are concerned about their organization's ability to handle a cyber crisis. This is down to a number of reasons, the rising volume of cyber incidents (31 percent), lack of incident response planning (20 percent), and a lack of realistic, stress-tested crisis simulations (19 percent).

Continue reading →

A new report from Splunk shows 82 percent of CISOs now report directly to the CEO, up from 47 percent in 2023, and 83 percent participate in board meetings somewhat often or most of the time.

However, only 29 percent of CISOs say they receive the proper budget for cybersecurity initiatives and accomplishing their security goals, compared to 41 percent of board members who think their cybersecurity budgets are adequate.

Continue reading →

The majority of CISOs are taking on responsibilities beyond cybersecurity, including business risk, IT oversight, and digital transformation. Three percent of CISOs attribute their raise to taking on larger scope, while others see it reflected in merit increases.

New research from IANS Research and Artico Search surveyed over more than 830 CISOs and other security leaders to understand the key trends and challenges reshaping CISO role.

Continue reading →

Stories of CISOs being held personally liable for cybersecurity incidents has negatively affected their opinion of the role for 70 percent of respondents to a new survey.

At the same time 34 percent in the study for BlackFog, of 400 IT decision makers across the US and UK, believe that the trend of individuals being prosecuted following a cyberattack was a 'no-win' situation for security leaders: facing internal consequences if they report failings and prosecuted if they don't.

Continue reading →