The CISO and Cybersecurity Report from Fortinet takes a snapshot of how CISOs are approaching cybersecurity, and how their organizations view the CISO. Most certainly, the CISO’s role has increased in scale, scope, and importance over the past decade, moving into the ranks of executive management at many organizations. Mounting complexity of IT networks, increasing sophistication of threat actors, and the rising cost of cyber crime add up to a CISO role that can potentially make or break a business. Based on survey findings from CISOs of large enterprises, here are some of the key takeaways:
1. The CISO holds an expanding role in executive management with responsibilities to protect on-premises, cloud, operational technology (OT), and DevOps environments. Their charter now includes physical security for 70% of respondents.
2. CISOs have high confidence in their organizations’ risk posture, even though they acknowledge product-related challenges as well as challenges with manual processes and false positives.
3. Unfortunately, CISOs’ high level of confidence about security seems unfounded, as most organizations experience a significant number of intrusions, and these events have a deleterious effect on the business.