Cisco’s 2019 CISO Benchmark Study is a comprehensive survey of more than 3,000 information security leaders across 18 countries.
This year’s study placed a particular focus on prevention and preparation, requesting responses on vendor/solution selection and alert management as well as breach readiness and response.
The results show security professionals are increasing their investment in defence technologies, security training, risk analysis and risk mitigation.
However, employees/users continue to be listed among the greatest protection challenges, email security remaining the number one threat vector, thus leading to a higher priority being placed on security awareness exercises to strengthen an organisation’s security posture and reduce the risk of breaches.
The use of risk assessment and risk metrics that span across the business is playing an increasing role in technology selection and has helped CISOs focus on their operational practices.
The study showed the correlation between the alignment of teams, especially the networking and security teams, and the reduced impact and cost of breaches, thus promoting a more collaborative approach to reduce organisational silos and target common goals.
Complex security environments could hinder security professionals’ visibility across their environments. Consolidating the security vendors and limiting the number of dashboards to better prioritise alerts can help teams focus on remediation and 63% of respondents cited 10 or fewer vendors in their environment, up from 54% in 2017.
Artificial intelligence and machine learning are still seen as helpful in alert prioritisation and management, though the confidence in these tools has seen a drop of 10% or more compared to last year’s results.
A staggering 93% of the interviewed CISOs reported increased efficiency and effectiveness for their teams following a migration to the cloud. No matter the industry or size of your organisation, it is of vital importance to establish an organisational process that starts with security awareness training on day one and to put together a plan that details the role of each team. No plan is perfect, but each plan can and should be tested and improved with regular drills to ensure the best response in the event of an actual breach.
European Product Manager