santiago silver - Fotolia

Manage Learn to apply best practices and optimize your operations.

CISO survey paints a grim picture: Weak staff, breach fears

Roughly 60% of CISOs expect phishing scams, malware disruptions and cyberattacks that cause 'significant downtime' to affect their company in 2018.

This article can also be found in the Premium Editorial Download: Information Security magazine: Cloud security threats in 2018: Get ahead of the storm

The Ponemon Institute surveyed more than 500 CISOs about their organizations' cyber-risks in 2018 and found growing concerns for the coming year. The skills shortage amid looming data breaches and cyberattacks ranked high on that list, according to the CISO survey, with 70% of respondents citing lack of adequate in-house staff as the top threat in 2018 and 67% indicating their company was more likely in 2018 to suffer a data breach or cyberattack.

In addition to worries about in-house expertise, more than half of CISOs cited an inability to protect sensitive data from unauthorized access, keep up with the "sophistication and stealth" of hackers, and failure to control third parties' use of sensitive data as potential reasons for more data breaches.

Information security budgets in 2018 do not reflect growing security concerns. One-third of the CISO survey respondents pointed to inadequate funding. IT security budgets for the majority of organizations have stayed flat since last year, according to 40% of the CISOs surveyed; 36% projected an increase in 2018, while 23% expected their information security budgets to decline.

Disruptive technologies such as the internet of things also ranked high among CISOs' concerns, with 47% of respondents worried about a potential breach due to their organization's failure to secure IoT devices in the workplace. IoT, mobile and cloud ranked as the top three disruptive technologies for companies to secure in 2018. Social media and blockchain (Bitcoin) were farther down the list, cited by fewer than 25% of CISO survey respondents.

Results of Ponemon Institute 2018 survey of 500 CISOs

Half of respondents in the CISO survey anticipated higher involvement in security practices by the board of directors in 2018. While that is good news for many companies, 66% of CISOs said they expected the job to get more stressful in 2018. Moreover, 44% indicated that they planned to make a lateral move in their organization outside of IT security, and 40% said they expected to change careers in 2018. More results from the Ponemon survey, which was sponsored by Opus, can be found here.

This was last published in April 2018

Dig Deeper on Information security certifications, training and jobs

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

What strategies does your CISO or your organization use to address unskilled in-house security staff?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close