1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Nearly half of firms still don't have a CISO

    From TechnologyDaily@1337:1/100 to All on Mon Nov 22 13:30:04 2021
    Nearly half of firms still don't have a CISO

    Date:
    Mon, 22 Nov 2021 13:19:26 +0000

    Description:
    Their cybersecurity strategy is often built by the compliance department

    FULL STORY ======================================================================

    Despite cyber assaults such as ransomware rising in numbers over recent
    years, many organizations still dont have a Chief Information Security
    Officer (CISO). Whats more, some of them are under the impression that they dont even need one, with others saying they are struggling to find the right candidate due to the growing skills gap and the so-called Great resignation.

    A new report published by Navisite surveying 130 security, IT, and compliance professionals found that almost half (45%) dont employ a CISO. Of that group, just a slim majority (58%) think they should have one in the team.

    Most organizations have a cybersecurity strategy, but for the majority (60%), it was developed by teams and people other than the CISO - it was either the IT department, compliance department, or executive leadership.

    In fact, some companies (21%) dont even have a person dedicated solely to cybersecurity, at all, while most of them (75%) experienced an increase in overall cybersecurity threat volume in the past 12 months. Instilling confidence

    Not having an executive to handle cybersecurity hurts the confidence of these companies, the report further said. Among firms with a Chief Security
    Officer, 70% were confident in the effectiveness of their strategies, while among those without one - 58% were confident.

    Finally, many respondents would love to see their organization spend a little more money on cybersecurity solutions , staff, and training.

    The survey results support what were seeing across the board: organizations prioritized their security efforts during Covid, but at the same time, theyre acutely aware of how much more they need to do to effectively defend against cyber threats, said Aaron Boissonnault, Navisite CISO.

    The data also points to an ongoing problem in the industry: a cybersecurity skills shortage that extends to the highest levels. Companies value and want cybersecurity leadership, but it is increasingly difficult to find and retain these individuals.



    ======================================================================
    Link to news story: https://www.techradar.com/news/nearly-half-of-firms-still-dont-have-a-ciso/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)