Board Support Remains Critical as Majority of CISOs Experience Repeat Cyber Attacks
Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today released new research as part of the company’s Mind of the CISO initiative. Trellix’s ‘Mind of the CISO: Behind the Breach’ research surveyed global Chief Information Security Officers (CISOs) across major industries to better understand the unique challenges faced after experiencing a cyber attack.
“Raising the urgency and cyber literacy of their own board is one of the CISO’s greatest challenges,” said Bryan Palma, CEO of Trellix. “The research suggests many boards’ willingness to support cybersecurity only happens after an attack. Clearly, it should be the other way around.”
The research reveals what CISOs face in the aftermath of a cyber incident:
- CISOs remain reactive until boards become proactive. 97% of CISOs receive more support from the board following an attack, with 70% respondents revising their overall security strategy and 67% receiving an increased budget for additional technology as well as creating regular reviews of their capabilities, architecture, and staffing.
- CISOs face attacks from all angles. Malware (70%), Phishing (67%), and data theft (67%) are most commonplace.
- XDR is a viable threat prevention solution. All Indian CISOs agree that technology improvements are needed, while 97% believe people and processes also require improvement following a major cyber incident. Further, 94% believe if their organization had implemented XDR, the major cybersecurity event they experienced would have been prevented.
- Hidden consequences of cyber incidents impact organizations the most. Consequences with clear costs, such as revenue loss and rising insurance premiums, were not reported as having the biggest impact. Instead, top impacts include significant stress to their SecOps teams (83%), data loss (67%), and business downtime (67%) as the top factors negatively impacting their organizations.
“In a dynamic cybersecurity landscape, CISOs now play an increasingly critical role in safeguarding an organization against cyberattacks and failure to empower the CISOs can leave organizations vulnerable to attacks. Shifting to a proactive cybersecurity posture – the one offered by technologies like XDR – alongside a robust boardroom dialogue, is not only strategic, but also crucial for securing the organization’s future in the ever-evolving threat landscape,” said Mahipal Nair, Managing Director, Trellix India & Vice President/Head of Human Resources-India/APJ.
To increase engagement among and support for CISOs, Trellix launched its Mind of the CISO initiative earlier this year, encompassing a CISO Council, webinars, and research. For more on these new findings, Trellix’s ‘Mind of the CISO: Behind the Breach’ eBook can be found here.
Methodology
The Trellix study, conducted by Vanson Bourne, surveyed more than 500 global CISOs from companies with a minimum of 1,000 employees in the U.S., Mexico, Brazil, UK, France, Germany, Australia, India, Singapore, UAE, South Africa, Japan, and South Korea. Industries include energy and utilities, healthcare, public sectors, manufacturing and production, and financial services. Every respondent experienced at least one cyber incident in the last five years.