DerrickCalvert

Half of global CISOs believe they are not prepared

IT executives consider human error to be the greatest vulnerability of organizations for the year ahead.

Employees in the IT sector are worried about new hybrid and remote work environments, and chief information security officers (CISOs) are no exception. Proofpoint’s 2022 Voice of the CISO report revealed that half of the 1,400 CISOs surveyed felt their company was not equipped to handle a cyberattack. 48% of those surveyed believe their organization is at high risk of being the victim of a cyberattack in the next year.

“As high-profile cyberattacks disrupted supply chains and made headlines, 2021 proved to have been another difficult year for CISOs around the world,” stated Lucia Milica (Vice President and Global Resident CISO at Proofpoint). It is encouraging to see that CISOs are now more confident in their security posture as they adapt to new working methods.

Why CISOs aren’t ready for possible attacks

Why do they feel unprepared when more CISOs feel confident about their employees working outside of the office?

A major issue is that CISOs still believe there is room for improvement in employee preparedness. Potential human error is the Achilles heel of many businesses: 56% view this as the greatest vulnerability in a virtual world. In addition, only half of the global CISOs surveyed reported increasing the frequency of cybersecurity training for their employees in the past year. Although 60% of respondents believed that employees understood their role in protecting the organization from cyber threats, supplementary training over the long term could help avoid attacks.

Another issue is how to adapt to the changes caused by the Great Resignation, and staff who work outside the office. 51 percent of CISOs surveyed stated that they have experienced an increase in targeted attacks over the past 12 months. While increased employee awareness may help, IT teams still need to ensure that employees’ devices are protected in the event that an attack occurs.

Our 2022 report reveals a serious problem as the pandemic’s impact on security teams slowly fades. Milica stated that security teams now have to manage a variety of information protection vulnerabilities as well as insider threats, as workers leave their jobs and opt out of returning to work.

Half of the CISOs surveyed said that employees are moving more frequently into and out of their organization, which presents an added challenge in terms of protecting sensitive information and intellectual property.

What CISOs can do to be better prepared

Proofpoint recommends that CISOs start by implementing zero-trust architecture, enhancing information security solutions and increasing awareness training for employees to help protect against ransomware attacks. The Great Resignation caused a shortage of skills and resources. CISOs should address this issue, outsourcing security solutions if needed.

“After two years of strengthening their defenses to support hybrid work, CISOs had to prioritise their efforts to address cyber threats to today’s distributed and cloud-reliant workforce. Their focus has shifted to preventing the most common attacks like ransomware, insider threats, and business email compromise,” stated Ryan Kalember, Proofpoint’s executive vice president for cybersecurity strategy. “Overall, CISOs seem to have accepted 2022 as the calm following the storm.” However, this may be a mistaken sense of security. The cybersecurity waters are getting rougher due to rising geopolitical tensions, increasing attacks on people, and the same gaps in user awareness, preparation, and prevention.