How to Protect Your Business from Cyber Threats

The year 2021 was marked by high-profile cyber attacks that disrupted critical infrastructure, supply chains, and public services. These incidents highlighted the importance of cybersecurity and the role of CISOs in protecting their organizations. This report presents the findings of a survey of 1,400 CISOs from different industries and regions, who shared their perspectives on the current and future state of cybersecurity.

The Calm After the Crisis

After the pandemic-induced disruption of 2020, CISOs have become more confident and prepared to deal with cyber threats. Fewer CISOs feel that their organization is at risk or unprepared for a material cyber attack in 2022. However, they still face a complex and evolving threat landscape, with insider threats, business email compromise, cloud account compromise, and DDoS attacks among the top concerns.

People as the New Perimeter

With hybrid work becoming the norm, CISOs have shifted their focus from protecting the network to protecting the people. Most CISOs believe that employees understand their role in cybersecurity, but they also acknowledge that human error is the biggest cyber vulnerability. To address this challenge, CISOs are investing in information protection solutions and cybersecurity awareness training for their staff.

Risk, Remote Work and The Great Resignation

The mass adoption of remote work has also brought new risks and opportunities for CISOs. More than half of them have seen an increase in targeted attacks since enabling widespread remote work. Moreover, the wave of employee turnover has made data protection more difficult. To cope with these issues, CISOs are updating their security policies, outsourcing security controls, implementing zero trust architecture, and overhauling their data loss prevention solutions.

Reigning in Ransomware

Ransomware is one of the most prevalent and damaging cyber threats facing organizations today. The frequency and sophistication of ransomware attacks have increased significantly in 2021, affecting critical sectors such as energy, healthcare, and manufacturing. Many CISOs are unprepared for ransom demands and unsure whether to pay or not. To prevent ransomware attacks, CISOs are prioritizing prevention over response and creating ransom policies.

Boards, Buy-In and the Bottom Line

The impact of cybersecurity on business performance has also raised the profile and expectations of CISOs. However, many CISOs feel that they face excessive expectations and lack support from their board and senior management. They also report that their reporting line can hamper their job effectiveness and that their organization does not position them to succeed. To overcome these challenges, CISOs need to communicate effectively with their stakeholders and align their cybersecurity strategy with business goals.

Conclusion

The report concludes that CISOs have adapted well to the changes brought by the pandemic and the hybrid work model. They have become more confident and prepared to deal with cyber threats, but they also face new challenges and opportunities. They need to focus on protecting their people, preventing ransomware attacks, and engaging with their board. By doing so, they can ensure the security and resilience of their organization in 2022.

⇩