Columnist Anna Kranj | Nordic IT Security, May 20, 2021
Featured, Cyber Security, News
During the Covid-19 crisis, cyber criminals took advantage of the pandemic and cyber security teams around the world were challenged to keep their businesses secure.
Proofpoint’s 2021 Voice of the CISO report was recently conducted by the research firm Censuswide and covered 100 companies with more than 200 employees in 14 countries.
This survey covered Sweden, the USA, Canada, the UK, France, Germany, Italy, Spain, the Netherlands, UAE, Saudi Arabia, Australia, Japan, and Singapore, and it explores key challenges that chief information security officers (CISOs) faced in the past 12 months.
The survey covers three main areas:
- Threat risks and types of cyber attacks CISOs combat daily,
- Levels of employee and organizational preparedness to face them,
- And the impact of supporting a hybrid workforce as businesses prepare to re-open their corporate offices.
The report highlights general trends as well as regional differences amongst the global CISO community and it was conducted in the beginning of 2021. So, what are its key global findings?
- 64% of surveyed CISOs feel at risk of suffering a material cyber attack in the next 12 months. Types of attacks they expect to face are diverse, such as Business Email Compromise (34%), Cloud Account Compromise (33%), Insider Threats (31%), Supply Chain Attacks (29%) and Ransomware (27%).
- 53% of CISOs are more concerned about the repercussions of a cyber attack in 2021 than they were in 2020.
- 58% of global CISOs still consider human error to be their organization’s biggest cyber vulnerability. Global CISOs listed purposefully leaking data (criminal insider attack) and clicking malicious links or downloading compromised files as the most likely ways employees put their business at risk.
- The majority of global CISOs expect their cyber security budget to increase by 11% or more over the next two years, and two in three (65%) believe they will be able to better resist and recover from cyber attacks by 2023.
Also, another 66% of respondents said they did not believe their enterprise was ready to handle the effects of an attack, particularly CISOs in Sweden, the Netherlands and Germany. The rise in the number of targeted attacks, seen since remote working became widespread, had been noticed by 58% of the CISOs, especially at retail companies.
Finally, over 50% of CISOs say they feel too many expectations on their roles.