Building a slide deck, pitch, or presentation? Here are the big takeaways:
- 89% of CISOs are concerned about the rise of digital threats they are experiencing across web, social, and mobile channels. — RiskIQ, 2018
- 67% of CISOs said they do not have enough staff to handle the amount of cyber alerts they receive daily. — RiskIQ, 2018
The barrage of cyberattacks that CISOs must defuse on a daily basis shows no signs of slowing: 89% of all information security leaders report concerns over the rise of digital threats their organizations are experiencing across web, social, and mobile channels, according to a new report from RiskIQ.
According to the 1,691 US and UK CISOs surveyed for the report, the top threats keeping CISOs up at night are as follows:
1. Phishing and malware attacks on employees and customers
2. Brand impersonation, abuse, and reputational damage
3. Information breaches
However, most don't have the resources needed to keep these attacks at bay: 67% of cybersecurity leaders surveyed said they do not have enough staff to handle the amount of cyber alerts they receive daily.
This suggests that while CISOs are well aware of the growing number of sophisticated attacks and attack vectors, they continue to lack sufficient resources to fend them off. Indeed, 60% of leaders surveyed said they expect digital threats to grow as their organizations increase online engagement with customers.
A lack of experienced staff to monitor and help protect networks from cybercrime is the top risk organizations face, the report stated. Perhaps because of this, 37% of firms said they have hired a managed security services provider (MSSP) to help monitor and manage cyberthreats.
These results suggest that a perfect storm is brewing, the survey noted, with the issue of staff shortages colliding with escalating cybercrime rates, leaving organizations in the lurch when it comes to managing the risks in the era of digital transformation, the Internet of Things (IoT), and increasingly sophisticated attacks. To combat them, CISOs must ensure that all employees are trained on cyber best practices, and that company endpoints are secure.
"The RiskIQ 2018 CISO Survey illuminates a growing industry-wide problem, which is that cybercrime is growing at scale, and enterprises are already experiencing critical staff shortages," said Lou Manousos, CEO at RiskIQ.
In recent years, the rapidly expanding cybersecurity threat landscape has driven the CISO out of the basement and into the boardroom in many enterprises. Rather than only being seen as a security enforcer, they now have a seat at the table as strategists helping the enterprise avoid cybercrime. It's key for these professionals to be fully aware of all emerging threats to best help their companies stay protected.
Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.