Chief information security officers (CISOs) face no shortage of challenges. Expanding attack surfaces and complex cloud security environments have given rise to new advanced threats. Compliance regulations have become more rigorous and punitive. And while digital transformation accelerates the pace of doing business, its impact is often limited by budget restrictions and security talent gaps.
At Splunk we talk to hundreds of CISOs every year. Here's what they told us they care about in 2020.
1. The Attack Surface Expands and Changes
The explosion of connected Internet of Things (IoT) devices combined with bring your own device (BYOD) trends, cloud migration initiatives and a host of new or custom applications have given hackers infinite ways to infiltrate an organization’s network. The growing attack surface has left CISOs scrambling to secure a slew of digital devices and ensure that their organization’s data remains protected.
2. Multi-Cloud Environments Present New Challenges
Misconfigured cloud servers and insecure APIs leave an organization’s systems vulnerable to hackers — a threat further compounded in multi-cloud environments. Also, many employees download insecure public software as a service (SaaS) tools without IT department approval. Not surprisingly, more than 1 in 5 organizations experience a cyber incident originating from an unauthorized IT resource.
3. Managing Risk Includes Cyber Supply Chain
CISOs continually strive to achieve a top-down view of risk spanning across the entire business environment. That means knowing the answers to questions like “why are we in business?” and “what are we trying to defend?” To get a complete view of their business risk environment, CISOs are focusing their efforts on the entire cybersecurity supply chain, including customers, suppliers and business partners.
4. Digital Transformation Fuels Dynamic Analysis
With digital transformation accelerating marketplace competition, CISOs are making strong investments in dynamic analysis tools, while automating previously manual tasks and investing further in artificial intelligence and data analytics. CISOs are also shifting toward DevSecOps, as they look to not only secure applications, but integrate security infrastructure into larger initiatives from the beginning.
5. Cybersecurity Talent Shortfall Worries CISOs
The growing cyber skills gap has left organizations lacking adequate security talent to perform necessary security functions to stay secure — and it has many CISOs concerned. According to a recent Marlin Hawk report, two-thirds (66%) said they are experiencing talent shortfalls because candidates don’t have the right technical knowledge, lack experience or simply aren’t the right culture fit. It’s a problem that the majority of CISOs (62%) think will get worse over the next five years.
6. Budget Constraints Hinder Security
The average cost of a data breach in 2019 was around $3.92 million. Yet, despite the possibility of costly clean-ups, many organizations still don’t make cybersecurity a priority. CISOs continue to face challenges in securing substantial budgets, largely because they have difficulty forecasting threats and achieving measurable results from security investments. As budgets slowly dry up, CISOs are looking to consolidate costs and create new efficiencies around spend. Thus, CISO’s aren’t just looking to keep adding to their arsenal — each incremental security purchase must also add incremental value.
7. Compliance Penalties Create New Headaches
Starting January 2020, the new California Consumer Privacy Act (CCPC) gave CISOs a few more headaches by adding stringent new requirements governing how organizations can use their consumer data. Meanwhile, CISOs are still navigating the European Union’s General Data Protection Regulation (GDPR), which can impose penalties of around $24 million — or up to 4% of annual worldwide turnover — for violations.
8. Combating Alert Fatigue Is an Uphill Battle
For CISOs, running a 24/7 operation requires the ability to identify a security incident amid a barrage of false positives and low-priority alerts. This is no small feat, especially when firewalls, endpoint security solutions, and other protections produce millions of events on a daily basis. Thus, CISOs are continually on the lookout for new ways to combat alert fatigue, and vector in on the critical threats that can do the most damage to their organization.
9. Insider Threats Fly Under the Radar
With authorized access to the company’s network, information and assets, malicious insiders can be as big a threat as external attackers. Many insiders have existing accounts that give them the ability to obtain critical data while allowing them to circumvent security controls. However, not all insider threats are intentional — mistakes like failing to apply a patch or using common passwords can just as easily leave the organization susceptible to cyberattacks.
10. Security Training Provides New Perspective
In light of expanding attack surfaces, sophisticated cyber threats and deceptive new social engineering techniques, it’s more important than ever that employees be proactive and understand their role in preventing attacks. These days, CISOs are creating comprehensive cybersecurity education and best practices that help employees think and act like a CISO.
The role of the CISO is continually evolving as threats and technologies change. But as the scope of their responsibilities grows, CISOs are not only responsible for keeping the company’s data protected, they become ambassadors to members of the C-suite and board as cybersecurity becomes even more essential to the bottom line.
To learn more about what’s on CISOs’ minds, check out 5 Key Ways CISOs Can Accelerate the Business.