What confident CISOs have in common

What works in protecting an enterprise is a matter of debate in an era when the proper way for a CISO to plan strategy is to assume defences will be breached by any combination of advanced threats, zero-day threats and well-funded attackers.

So infosec leaders may be interested in the results of a vendor survey of 300 chief information security officers in six countries, a small group of which think they’ve got the right formula.

Eleven per cent – or 33 – of respondents rate themselves rather well, believing their organizations were highly effective at stopping a range of attacks. These include breach of customers’ and employee personal information, insider threats, distributed denial of service (DDoS) attacks, breach of customer credit card or financial information, as well as the ability to monitor of data and activity over time to identify vulnerabilities.

The survey, paid for by cloud IT management services provider ServiceNow, doesn’t detail all of the data gathered by the study. But it concluded that from the answers to some questions that this group of responders shared many characteristics, saying they

–have increased automation of security functions;

–have tight integration with other functions across the enterprise, especially IT;

— agree that strong relationships between IT and security are important to the success of their security function;

–rate the prioritization of security alerts in the larger context of the business as critical to the success of their security function;

– see security as a core strategic goal for their company.

Assuming this group of CISOs are right in their confidence in their strategies, and the characteristics detected by the report’s authors are a significant factor, they may form a basis for other infosec leaders to learn from.

On the other hand, the survey data released show the majority of responders not confident at all on their abilities. Just 56 per cent of respondents said they are highly effective at protecting against customer-information breaches, and just 51 per cent are highly effective at preventing DDoS attacks.

Overall only 19 per cent of CISOs said their organization is highly effective at preventing breaches. Just over one in ten reported suffering a significant security breach causing reputational or financial damage in the past three years.

Interestingly, 47 per cent of respondents agreed that insufficient quality and amount of data interfered were either a substantial or complete barrier to their security function’s ability to protect against, detect and respond to security issues.

With more CISOs recognizing that automating security functions is vital to keep on top of threats and alerts kicked off from sensors, just one-third of respondents said they currently bautomate more than 40 per cent of their security processes today.

However, two-thirds said will automate 40 per cent or more security tasks in three years.

In order their priorities for automation are threat intelligence, aggregation of alerts or incidents from multiple security tools into a single system, prioritizing incidents based on business criticality, trend reporting and contextualizing and identifying the business criticality of threats.

(By comparison the leading tasks being automated today are rioritizing incidents based on business criticality and aggregating incident reporting.)

As a provider of automation capability, ServiceNow has an interest in the topic. But the report also notes that “no matter how many tasks are done by machines, automation must be combined with process changes and effective talent strategies to deliver its full value. The quality and quantity of the data available is critical, too.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now