New research from cybersecurity company Trellix claims that many UK companies do not give their CISOs sufficient support until after a cyberattack has taken place.
Nine in 10 (93%) report getting more board support after a breach has occurred, but this late help often isn’t doing anything to prevent future attacks, with more than half (58%) of UK CISOs experiencing repeated successful attacks in the past five years.
Trellix is now calling for a more “proactive approach” from company boards in order to improve cybersecurity and better support CISOs.
CISOs don’t get support early enough
According to the report, half (47%) of the CISOs questioned got more technology and tool budget after a cyberattack, suggesting that a reactive approach is being taken to security.
Extended detection and response (XDR) tools are being implemented by more than one-third (37%) of CISOs as part of their security solution upgrade programs.
Trellix cites an unnamed UK CISO: “XDR can actually aggregate and correlate data from multiple sources and, therefore, reduce false positives. We see less alert fatigue in the security teams, and XDR allows us to be proactive rather than defensive and post facto, another big difference.”
Poor prevention is largely being blamed on the lack of adequate technology and incorrect configurations. Even as more artificial intelligence gets injected into defense, half (50%) of Britain’s CISOs say that manual processes are having a negative effect. Others highlighted siloed security (38%) and poor configurations (45%) as inhibitors.
Speaking about the “malicious use of AI” and the “surge in nation-state threat activity,” Trellix’s EMEA GM and SVP, Fabien Rech, said:
“CISOs need to have support from the board and executives so that investments can be made in the right technology, processes, and tools. In doing so, a culture of security and vigilance can be instilled from the top down to help protect organisations against evolving threats.”