Cyberattacks have been hitting businesses hard, with a massive 90% of CISOs claiming their company was a victim of such an incident within the last year.
When it come to ransomware attacks specifically, 83% of CISOs surveyed in Splunk’s new report said they had paid out, with more than half paying over $100,000.
They also fear the rise of generative AI, believing that the advantage will be given to attackers. However, many are experimenting with such tools in their cyber defenses, with 93% using automation either moderately or extensively in their processes.
C-suite and collaboration
However, another problem that is presenting itself is so-called “tool sprawl”, which is “likely compounding existing visibility issues,” according to Splunk. 88% of CISOs want to use solutions like security orchestration, automation and response (SOAR) and security information and event management (SIEM) to prevent this sprawl.
By using solutions like these, they hope to limit the amount of tools they need and make the defense simpler by employing automation.
Nearly half of the CISOs surveyed also claim they are now reporting directly to their CEO, with CISOs being more responsible for guiding cybersecurity strategies. They are regular participants in board meetings across all industries too. 90% of CISOs also said that their board cares more about cybersecurity than it did two years ago.
As a result, a further 93% of CISOs expect their cybersecurity budget to increase over the next year, even while 83% foresee cuts in other parts of the organization. 80% of CISOs also claim that their organization has faced more threats as the economy has declined.
Greater collaboration across the company has also occurred, with 92% of CISOs saying that cybersecurity collaboration has increased either moderately or significantly between teams, thanks to digital transformation programs and cloud native deployment.
77% said that there has been collaboration between IT and development teams to find the root causes of incidents, although 42% did say there was room for improvement on outcomes.
Splunk CISO Jason Lee commented that, “the C-Suite and board of directors are increasingly relying on CISOs for guidance across a sophisticated threat landscape and changing market conditions,” adding, “these relationships provide CISOs the opportunity to become champions who strengthen an organization’s security culture and lead teams to become more cross-collaborative and resilient.”
“By communicating key security metrics, CISOs can also guide boards on adopting emerging technologies, such as generative AI, to help improve cyber defense management and prepare for the future.”