Chief information security officers worldwide are feeling anxious about the future, with a recent survey revealing that 70 percent of them fear that their organizations are at risk of a substantial cyber attack within the next year. This percentage has increased from 68 percent the previous year and 48 percent in 2022. The survey, conducted by Proofpoint and involving 1,600 CISOs from organizations with at least 1,000 employees across 16 countries, highlighted the growing concerns among these key security professionals.
For many CISOs, the fear of a cyber attack is leading to sleepless nights, especially in countries like South Korea (91 percent), Canada (90 percent), and the US (87 percent), where the worry is most prevalent. Despite the rising concerns, there is a slight improvement in the preparedness of organizations for an attack, with only 43 percent of CISOs reporting feeling unprepared, compared to 61 percent in the previous year.
The top threats keeping CISOs up at night include ransomware, rated as the most significant threat by 41 percent of respondents, followed by malware (38 percent), email fraud (36 percent), cloud account compromise (34 percent), insider threats (30 percent), and distributed denial of service attacks (30 percent). In the event of a ransomware attack, 62 percent of CISOs admitted they would likely consider paying to restore systems and prevent data leakage, reiterating a trend from the previous year’s survey.
While there are some encouraging trends noted in the report, such as the increase in cyber security representation at the board level and closer alignment between CISOs and board members, there is also a growing sense of pressure and burnout among these professionals. Sixty-six percent of CISOs cited unrealistic expectations placed on them, up from 61 percent the previous year, and over half (53 percent) reported experiencing burnout in the past 12 months.
The pressure on CISOs is further exacerbated by high-profile legal battles, such as the SEC charges against SolarWinds and its CISO Tim Brown, which held him accountable for the 2020 supply chain attack. This has led to 66 percent of global CISOs expressing concerns about personal, financial, and legal liability in their roles, indicating a growing sense of accountability and potential repercussions for security breaches.
Overall, the survey underscores the increasing challenges and responsibilities facing CISOs as they navigate the evolving threat landscape and strive to protect their organizations from cyber attacks. With cyber threats on the rise and the repercussions of data breaches becoming more severe, the role of the CISO remains crucial in ensuring the security and resilience of organizations in the digital age.