Advertisment

CISOs will be seen in more influential roles

A majority of organizations have redefined their view of security over the past three years, vaulting security leaders into more influential roles, reveals IBM study

author-image
Soma Tah
New Update
ID

BANGALORE, INDIA: More than 80 percent of security leaders believe the challenge posed by external threats is on the rise, while 60 percent already agree their organizations are outgunned in the cyber war, according to IBM’s third annual 2014 Chief Information Security Officer (CISO) study findings. Technology is seen as a critical component to addressing security issues and threats, with big data and cloud and mobile requiring the biggest focus.

Advertisment

Sophisticated external threats were identified by 40 percent of security leaders as their top challenge with regulations coming in a distant second at just under 15 percent. As enterprise leaders continue to outline business priorities, external threats will require the most organizational effort over the next three to five years – as much as regulations, new technologies, and internal threats combined.

Empowering Today’s Security Leaders

With cyber-attacks and government regulations continuing to evolve, a majority of organizations have redefined their view of security over the past three years, vaulting security leaders into more influential roles. According to the study, 90 percent of security leaders strongly agree that they have significant influence in their organization, with 76 percent stating that their degree of influence has significantly increased in the last three years. In addition, 71 percent strongly agree that they are receiving the organizational support that they need to do their jobs.

Advertisment

“The challenges faced by CISOs and their teams are expanding every day with new evolved threats and regulations outpacing their ability to innovate,” said Vaidyanathan R Iyer, Leader, IBM Security Solutions, IBM India Pvt Ltd. “CISOs need to use their growing influence within the organization to help teams evolve their security posture, bringing in powerful new software and services that leverage data analytics and cloud security to fight today’s sophisticated attacks, no matter where they occur.”

Todays’ Organizations Rethinking Cybersecurity Tactics

The study found 70 percent of security leaders believe they have mature, traditional technologies that focus on network intrusion prevention, advanced malware detection and network vulnerability scanning.

Advertisment

However, nearly 50 percent agree that deploying new security technology is the top focus area for their organization, they identified data leakage prevention, cloud security, and mobile and device security as the three top areas in need of dramatic transformation.

Additional findings from the IBM CISO study include:

  • Cloud Security Continues to Lead the Agenda: While concern over cloud security remains strong, close to 90 percent of respondents have adopted cloud or are currently planning cloud initiatives. Of this group, 75 percent expect their cloud security budget to increase or increase dramatically over the next three to five years.
  • Data Driven Security Intelligence Capabilities are Top of Mind: Over 70 percent of security leaders said real-time security intelligence is increasingly important to their organization. Despite this strong agreement, the study found areas such as data classification and discovery and security intelligence analytics have relatively low maturity (54 percent) and require a higher need for improvement or transformation.
  • Significant Mobile Security Needs Still Remain: Despite the growing mobile workforce, only 45 percent of security leaders stated they have an effective mobile device management approach. In fact, according to the study, mobile and device security ranked at the bottom of the maturity list (51 percent).

Managing Uncertainty around Government Landscape

In addition to external threats, the study indicated CISOs face additional challenges from governments as nearly 80 percent of respondents said the potential risk from regulations and standards have increased over the past three years. Security leaders are most uncertain about whether governments will handle security governance on a national or global level and how transparent they will be in doing so. Only 22 percent think that a global approach to combating cybercrime will be agreed upon in the next three to five years.

ciso