Today, CISOs are more involved in “contract risk management,” negotiating security issues and negotiating with providers and vendors. “More CISOs are finding it convenient to use cloud-based security services. Ninety-three percent of respondents agree that it makes their operations more efficient and effective. We expect this trend to continue,” Nather said.
For many CISOs, employees and other users remain the top security threat. Only 51% of CISOs believe they have achieved full security compliance across all employees through training and robust onboarding and offboarding processes.
The top threats remain email, phishing, and risky user behavior. “In addition to [addressing] these risks with multi-factor authentication, advanced spam filtering, and Domain-based Message Authentication, Reporting, and Conformance (DMARC) to protect corporate email from breaches, it’s important to have an organizational process that starts on a new employee’s first day with security awareness training,” Nather said. These risks have consistently been a concern for 56-57% of respondents over the past three years. Combined with the lack of security awareness training for employees, this is likely the biggest gap that the security industry can help fill.
The research found that the methods CISOs use to measure their success are changing rapidly. The share of respondents using the average time to detect an intrusion to determine the effectiveness of protection fell from 61% in 2018 to 51% in 2019, while use of the “time to patch” metric fell from 57% to 40%. In contrast, the popularity of the “time to recover” metric increased from 30% to 48%.
The Changing Role of the CISO