CISOs take on extra responsibilities
The majority of CISOs are taking on responsibilities beyond cybersecurity, including business risk, IT oversight, and digital transformation. Three percent of CISOs attribute their raise to taking on larger scope, while others see it reflected in merit increases.
New research from IANS Research and Artico Search surveyed more than 830 CISOs and other security leaders to understand the key trends and challenges reshaping the CISO role.
70 percent of cybersecurity leaders worry about personal liability
Stories of CISOs being held personally liable for cybersecurity incidents have negatively affected their opinion of the role for 70 percent of respondents to a new survey.
At the same time, 34 percent in the study for BlackFog, of 400 IT decision makers across the US and UK, believe that the trend of individuals being prosecuted following a cyberattack is a 'no-win' situation for security leaders: facing internal consequences if they report failings and prosecution if they don't.
Failed security controls cost businesses billions
A new report finds 61 percent of organizations have suffered a security breach in the past year because their policies, governance, and controls failed or were not working effectively. This is costing US businesses $30bn and UK businesses £10bn per year.
The study from security posture management firm Panaseer surveyed 400 security decision makers across the US and UK and found 72 percent have taken out indemnity insurance in response to growing personal liability, whilst 15 percent have considered leaving the industry.
Cyberrisk quantification and how to measure it [Q&A]
Enterprises face an increasing range of cybersecurity risks, but quantifying and managing those risks can be a difficult task.
Recent Gartner research shows that more companies are trying to roll out cyber risk quantification (CRQ) in order to get a greater understanding of their risk profile.
Business overconfident and underprepared for cyber threats
A new report from digital transformation consultancy Gemserv, based on a survey of CISOs at 200 large UK and EU enterprises, finds most believe boards are overconfident in their understanding of cybersecurity issues, and are failing to provide CISOs with the support they need to properly protect the organization.
According to the findings, 88 percent of CISOs think the threat landscape is becoming more complex, with 37 percent not confident they have the resources they need. 44 percent struggle to recruit and retain the skilled people they need, amid a 3.2m 'workforce gap' for IT talent.
CISOs concerned about attackers using AI
Data from a recent survey conducted by RSA Conference shows that 72 percent of Fortune 1000 CISOs say they have already seen threat actors using generative AI against their organization.
AI-generated phishing emails are the top threat, with 70 percent of CISOs reporting that they've observed highly tailored phishing emails targeting their business. Other top GenAI threats include vishing (37 percent), automated hacking (22 percent), deepfakes (21 percent) and misinformation (17 percent).
A quarter of cybersecurity leaders are ready to quit
A new survey finds that 24 percent of CISOs or IT security decision makers (ITS DMs) are actively looking to leave their position.
The research, commissioned by BlackFog, finds that a further 54 percent, while not actively looking to quit, are open to new opportunities.
Why CISOs need to keep on top of their cybersecurity investments [Q&A]
With the current climate of new and more sophisticated cybersecurity products, greater risk and pressure on budgets, it's more important than ever to ensure that CISOs get the best return on their investments.
We spoke to Karthik Swarnam, chief security and trust officer at ArmorCode, to discuss the best practices to ensure ROI from security investments.
Enterprise CISOs worry about losing their job after a breach
A new survey, which polled 200 CISOs from companies with annual revenues exceeding $500 million, highlights growing concerns across a number of areas.
The study from Portnox finds worries around the effectiveness of zero trust, the limitations of multi-factor authentication (MFA), and a looming threat to job security amidst an increasingly complex cybersecurity landscape.
Phishing and deepfakes are leading AI-powered threats
A new survey of cybersecurity professionals finds that 75 percent of respondents think phishing attacks pose the greatest AI-powered threat to their organization, while 56 percent say deepfake-enhanced fraud (voice or video) poses the greatest threat.
The study from Team 8, carried out at its annual CISO Summit, also finds that lack of expertise (58 percent) and balancing security with usability (56 percent) are the two main challenges organizations face when defending AI systems.
How CISOs should tackle the year of deepfakes
Deepfakes are picking up steam and no one is safe -- not even the President of the United States, who was recently the subject of an election-based audio deepfake scandal. And with an unavoidably heated year ahead with the impending presidential election, I anticipate deepfakes will continue to proliferate.
Deepfakes are a unique cybersecurity topic. They stem from social engineering and are always evolving, but there’s a responsibility for CISOs to position their organizations to combat them.
Enterprises take cautious approach to security spending
Nearly two-thirds of CISOs report increasing budgets this year, with average growth rising from six percent in 2023 to eight percent this year, but this is only about half of growth rates in 2021 (16 percent) and 2022 (17 percent).
A study from IANS Research and Artico Search shows that a quarter of CISOs are experiencing flat budgets while 12 percent face declines.
How are CISOs coping with developer gatekeeping? [Q&A]
CISOs are under the microscope to prove they can reduce vulnerabilities in the software development life cycle -- particularly, that they can do so from the start of code creation. As such, CISOs are searching for the most effective way to ensure the security awareness of their developers before they take on the responsibility of writing and introducing code.
Secure Code Warrior's co-founder and CTO, Matias Madou, believes that a 'gatekeeping' standard -- where developers are incrementally given access to more sensitive projects -- is the key to building a strong foundation for secure coding processes.
CISOs don't feel supported at board level
While CISOs are often responsible for technology implementation, they are not getting the support they need at a strategic level according to a new report.
The study from LevelBlue looks at the dynamics among enterprise C-suite executives to better understand issues that prevent risk reduction, stall or complicate compliance, and create barriers to cyber resilience.
The CISO's guide to effective OT security: Overcoming challenges and fostering collaboration
Operational technology (OT) systems have long been common in industries such as manufacturing, utilities, and healthcare. However, as these systems now increasingly integrate with IT networks, they are becoming the responsibility of the Chief Information Security Officer (CISO). As a result, CISOs in these sectors need to secure OT systems alongside traditional IT systems. This added responsibility has significantly increased the demands on security leaders.
Now, to safeguard both IT and OT systems, CISOs must possess the right knowledge and resources. Understanding the complexities of OT systems is necessary for the protection of vital operations and infrastructures; however, it can be difficult to separate genuine expertise from sales hype.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.