To pay, or not to pay a ransom, that is the question. No, not another outrageous demand from a diminutive global leader hungry for cash and weapons, but hackers out to freeze your website, steal your policyholder data and generally cause lots of reputational damage. It’s an ongoing problem for insurance brands, so any data on C suite decision making and attitudes is welcome. Here’s the word;
Proofpoint a leading global cybersecurity and compliance company has released its annual Voice of the CISO report, exploring the key challenges, expectations and priorities of chief information security officers (CISOs). The findings reveal that most CISOs have returned to the elevated concerns they experienced early in the pandemic. Globally, sixty-eight percent of surveyed CISOs feel at risk of a material cyber attack, compared to 48% the year before, when they may have felt a brief sense of calm after successfully navigating the chaos of the pandemic. This year’s data represents a shift back to 2021, when nearly two thirds of CISOs believed a material attack was imminent. It’s notable that UK CISOs feel most at risk compared to their global counterparts (84%) in 2023, compared to 60% last year and 81% in 2021.
THE DISGRUNTLED EX SYNDROME
While organisations have largely overcome the disruptions of the last two years, the effects of the Great Resignation and employee turnover continue to linger, exacerbated by the recent wave of mass layoffs— 84% of UK CISOs say that employees leaving the organisation played a role in a data loss event. Even though 74% of UK security leaders had to deal with the loss of sensitive information in the past 12 months, 73% believe they have adequate data protection in place.
The 2023 Voice of the CISO report examines global third-party survey responses from more than 1,600 CISOs at mid-to-large size organisations across different industries. Throughout the course of Q1 2023, 100 CISOs were interviewed in each market across 16 countries: the U.S., Canada, the UK, France, Germany, Italy, Spain, Sweden, the Netherlands, UAE, KSA, Australia, Japan, Singapore, South Korea, and Brazil.
POST COVID LANDSCAPE: JUST PAY THE MAN…
“CISOs are no longer basking in the sense of calm that many experienced when they realised they’d made it through the pandemic unscathed. Now they’ve refocussed on cyber threats, they are less assured in their organisation’s abilities to successfully defend against the current attacks,” commented Andrew Rose, Resident CISO, EMEA at Proofpoint.
“Ransomware also continues to be a real problem, and despite encouragement to avoid payment, we still see significant levels of capitulation, with an alarming 75% of UK CISOs believing their organisation would pay a ransom. This figure in itself is sufficient incentive to the cybercriminals to keep doing what they are doing. CISOs need to find better ways to protect and prevent business disruption from these types of attacks and create resilience such that the best way to respond to an attack is not to immediately reach for the cheque book.”
Be the first to comment