11/15/2024 | News release | Distributed by Public on 11/15/2024 08:24
Guest blog by Mark Jow, Technical Evangelist, Gigamon
CISOs are under considerable pressure. As the threat landscape becomes ever more complex, they are faced with the impossible task of making their organisations breach-proof. Our 2023 Hybrid Cloud Security Survey revealed that most security leaders don't acutally know how their efforts are making an impact, with a concerning gap being uncovered between organisations' perceptions of their security and reality. Despite IT spend expected to reach $215 billion this year, our 2024 security survey shows a decline in cyber-attack preparedness from last year. With the previous year's data showing 30% of breaches going undetected - this year that number went up to 37%.
There's clearly something missing in current security strategies. Taking a deep dive into the responses of the 234 CISOs, I wanted to try and uncover their perspectives on the evolving threat landscape and understand why they think so many breaches are still evading security measures.
Modern cybersecurity is about balancing risk and reward. Every organisation needs to determine its tolerance for risk to function effectively. Zero risk is unattainable. In fact, 8 in 10 CISOs predict AI will fuel the global ransomware threat. CISOs must equip themselves with intelligence and visibility to stay one step ahead of these increasingly sophisticated attacks.
Accountability is increasingly being placed on CISOs. In fact, 85% of CISOs report that cloud security is now a boardroom priority. With 60% of CISOs ranking board-level interest as the key factor in their success, this increased engagement is positive. Yet, the pervasive nature of cyber risk places a heavy burden on IT and security leaders.
AI, while promising, is also a new black box under the CISO's purview, as they are increasingly responsible for AI implementation. Perhaps this explains why our report found CISOs were underwhelmed with AI's potential to address visibility gaps. Instead, security professionals are focusing on fundamentals: addressing blind spots, optimising tools, and preparing for Zero Trust mandates.
Achieving real-time visibility is the key challenge in cyber security, especially when it comes to lateral and encrypted traffic. Threat actors often exploit encrypted traffic to bypass security measures, with an alarming 93% of malware attacks now using encryption. Despite this, many CISOs continue to trust encrypted traffic, with 80% believing it is secure. Taking into consideration the cost and time constraints associated with decryption, it's understandable that 62% of CISOs have not addressed it as a viable solution. Yet, only 53% of CISOs feel adequately prepared to identify these threats, underscoring the need for improved strategies.
To tackle these blind spots, 60% of CISOs are prioritising optimising their tools. However, 70% of CISOs believe their current tools are ineffective in detecting breaches. Furthermore, 80% of CISOs report their teams are overwhelmed by extensive tool stacks, indicating a need for a more streamlined approach. This challenge is not new, as CISOs typically stay in their roles for about two years, often overhauling tool stacks when entering new roles. Despite these efforts, cybercriminals continue to evade controls, suggesting a need for a different strategy that focuses less on tools and more on network-level visibility.
In today's environment, organisations' reputation, legal standing, and profitability are intrinsically linked to the effectiveness of its security posture. The increasingly hostile environment requires CISOs to embrace their expanding roles, articulate security risks from a business perspective, and be transparent with executives about the realities of security. Organisations can never be completely breach proof. Instead, the focus should be on building trust in the mission to reduce cyber risk whenever possible.
This guest blog was written by Mark Jow, Technical Evangelist at Gigamon.
The Cyber Security Programme provides a channel for our industry to engage with commercial and government partners to support growth in this vital sector, which underpins and enables all organisations. The programme brings together industry and government to overcome the joint challenges the sector faces and to pursue key opportunities to ensure the UK remains a leading cyber nation, including on issues such as the developing threat, bridging the skills gap and secure-by-design.
Our new group will keep techUK members updated on the latest news and views from across the Cyber security landscape. The group will also spotlight events and engagement opportunities for members to get involved in.
Sign-up to get the latest updates and opportunities from our Cyber Security programme.