
Top 10 Things Keeping CISOs Up at Night in 2020 | Splunk

Chief information security officers (CISOs) face no shortage of challenges. Expanding attack surfaces and complex cloud security environments have given rise to new advanced threats. Compliance regulations have become more rigorous and punitive. And while digital transformation accelerates the pace of doing business, its impact is often limited by budget restrictions and security talent gaps.

At Splunk we talk to hundreds of CISOs every year. Here's what they told us they care about in 2020.

1. The Attack Surface Expands and Changes

The explosion of connected Internet of Things (IoT) devices, combined with bring your own device (BYOD) trends, cloud migration initiatives and a host of new or custom applications, has given hackers infinite ways to infiltrate an organization’s network. The growing attack surface has left CISOs scrambling to secure a slew of digital devices and ensure that their organization’s data remains protected.

2. Multi-Cloud Environments Present New Challenges

Misconfigured cloud servers and insecure APIs leave an organization’s systems vulnerable to hackers — a threat further compounded in multi-cloud environments. Also, many employees download insecure public software as a service (SaaS) tools without IT department approval. Not surprisingly, more than 1 in 5 organizations experience a cyber incident originating from an unauthorized IT resource.

3. Managing Risk Includes Cyber Supply Chain

CISOs continually strive to achieve a top-down view of risk spanning across the entire business environment. That means knowing the answers to questions like “why are we in business?” and “what are we trying to defend?” To get a complete view of their business risk environment, CISOs are focusing their efforts on the entire cybersecurity supply chain, including customers, suppliers and business partners.

4. Digital Transformation Fuels Dynamic Analysis

With digital transformation accelerating marketplace competition, CISOs are making strong investments in dynamic analysis tools, while automating previously manual tasks and investing further in artificial intelligence and data analytics. CISOs are also shifting toward DevSecOps, as they look to not only secure applications, but integrate security infrastructure into larger initiatives from the beginning.

5. Cybersecurity Talent Shortfall Worries CISOs

The growing cyber skills gap has left organizations lacking adequate security talent to perform necessary security functions to stay secure — and it has many CISOs concerned. According to a recent Marlin Hawk report, two-thirds (66%) said they are experiencing talent shortfalls because candidates don’t have the right technical knowledge, lack experience or simply aren’t the right culture fit. It’s a problem that the majority of CISOs (62%) think will get worse over the next five years. 

6. Budget Constraints Hinder Security

The average cost of a data breach in 2019 was around $3.92 million. Yet, despite the possibility of costly clean-ups, many organizations still don’t make cybersecurity a priority. CISOs continue to face challenges in securing substantial budgets, largely because they have difficulty forecasting threats and achieving measurable results from security investments. As budgets slowly dry up, CISOs are looking to consolidate costs and create new efficiencies around spend. Thus, CISOs aren’t just looking to keep adding to their arsenal — each incremental security purchase must also add incremental value.

7. Compliance Penalties Create New Headaches

Starting January 2020, the new California Consumer Privacy Act (CCPA) gave CISOs a few more headaches by adding stringent new requirements governing how organizations can use their consumer data. Meanwhile, CISOs are still navigating the European Union’s General Data Protection Regulation (GDPR), which can impose penalties of around $24 million — or up to 4% of annual worldwide turnover — for violations.

8. Combating Alert Fatigue Is an Uphill Battle

For CISOs, running a 24/7 operation requires the ability to identify a security incident amid a barrage of false positives and low-priority alerts. This is no small feat, especially when firewalls, endpoint security solutions, and other protections produce millions of events on a daily basis. Thus, CISOs are continually on the lookout for new ways to combat alert fatigue and zero in on the critical threats that can do the most damage to their organization.

9. Insider Threats Fly Under the Radar

With authorized access to the company’s network, information and assets, malicious insiders can be as big a threat as external attackers. Many insiders have existing accounts that give them the ability to obtain critical data while allowing them to circumvent security controls. However, not all insider threats are intentional — mistakes like failing to apply a patch or using common passwords can just as easily leave the organization susceptible to cyberattacks.

10. Security Training Provides New Perspective

In light of expanding attack surfaces, sophisticated cyber threats and deceptive new social engineering techniques, it’s more important than ever that employees be proactive and understand their role in preventing attacks. These days, CISOs are creating comprehensive cybersecurity education and best practices that help employees think and act like a CISO.

The role of the CISO is continually evolving as threats and technologies change. But as the scope of their responsibilities grows, CISOs are not only responsible for keeping the company’s data protected, they become ambassadors to members of the C-suite and board as cybersecurity becomes even more essential to the bottom line.

To learn more about what’s on CISOs’ minds, check out 5 Key Ways CISOs Can Accelerate the Business.

Posted by Oliver Friedrichs

With a record of building four successful enterprise security companies over the past two decades, Friedrichs most recently served as the Founder and CEO of Phantom. Prior to Phantom, Friedrichs founded Immunet, acquired by Sourcefire in 2010 and a key component to Cisco's acquisition of Sourcefire in 2013; now thriving as Cisco's Advanced Malware Protection (AMP). Friedrichs co-founded SecurityFocus (Bugtraq) and led DeepSight, the world's first Internet early warning system, acquired by Symantec in 2002. He also co-founded Secure Networks and led Ballista (CyberCop), one of the industry’s first vulnerability management solutions, acquired by McAfee in 1998. Friedrichs architected and developed a prototype of the first commercial penetration-testing product, SNIPER, acquired by Core Security Technologies in 2001 and further developed into CORE IMPACT. He attended the University of Manitoba and is the co-author of three security books and recipient of 19 patents.
