Proofpoint today released its annual report titled, "2023 Voice of the CISO: Global insights into CISO challenges, expectations and priorities," in which it surveyed 1,600 CISOs sharing their experiences over the past year and their outlook for what is to come for the cybersecurity industry.
The third annual report from the enterprise security company includes these topics and trends:
- How the global recession is applying pressure to security budgets and how CISOs must remain steadfast in pressing the C-suite for critical controls to protect their organizations
- How boards are increasingly becoming part of the cybersecurity conversation and the impact this is having on their understanding of security issues and their relationships with CISOs
- The issue of burnout among CISOs as many struggle with the pressures of personal liability and excessive expectations
Getting back to 'business as usual'
From the report: "Last year's report uncovered a palpable feeling among CISOs that there was a period of calm after a once-in-a-generation crisis. With the pandemic disruption finally subsiding and hybrid work setups a mainstay for most, CISOs felt comfortable that the worst was behind them. At the time, just 48% believed that a cyber attack was on the horizon within the coming year.
That's changing. In this year's survey, over two-thirds (68%) of CISOs
said they feel at risk of a material cyber attack in the next 12 months.
This pronounced shift suggests that security professionals see the threat
landscape heating up once again, and have recalibrated their level of
concern to match."
The cyber threat landscape
"When it comes to the kinds of threats occupying the minds of the world's CISOs, four major categories lead the way:
• Email fraud (33%)
• Insider threats (30%)
• Cloud account compromise (29%)
• DDoS attacks (29%)
This list is almost unchanged from the previous year (though email fraud and insider threats swapped places in the top two spots.) CISOs are right to remain concerned about these threats. Their continued prominence as a top priority reflects the challenge they continue to pose.
On a more positive note, CISO concerns seem to be filtering through to the rest of the C-suite; board members agree that email fraud poses the most pressing threat."
The report also covers:
- Protecting People—The Cybersecurity Cornerstone
- Defending Data
- Building a Defense to Fight on Every Front
- Boards and CISOs—Closer to the Same Page
- Life as a CISO—In the Crosshairs, Burned Out and Under the Microscope
Lucia Milica Stacy, Global Resident CISO for Proofpoint, said:
"Many CISOs no longer feel the sense of calm they may have briefly experienced, when they were upbeat after conquering the chaos wreaked by the pandemic. Back to 'business as usual,' they are less assured in their organization's abilities to defend against cyber risk. Our 2023 Voice of the CISO report reveals that amidst the rising difficulties of protecting their people and defending data, CISOs are being tested at a personal level with higher expectations, burnout, and uncertainty about personal liability. The improving relationship between security leaders and board members gives us hope, however, and this partnership will enable organizations to overcome the new challenges they face this year and beyond."
The report is available for download here.