Story image

Cisco CISO survey reveals mixed news for cybersecurity

01 Mar 2019

Cisco has published its fifth annual 2019 CISO Benchmark Study a comprehensive survey of more than 3000 security leaders across 18 countries. 

This year’s results show security professionals are placing a higher priority on vendor consolidation, collaboration between networking and security teams, and security awareness exercises to strengthen an organisations security posture and reduce the risk of breaches. 

To further address complexity challenges, many CISOs are increasingly confident that migrating to the cloud will improve protection efforts, while apparently decreasing reliance on less proven technologies such as artificial intelligence (AI). 

Complex security environments made up of solutions from 10 or more security vendors could be hampering security professional’s visibility across their environments. 

65% of respondents do not find it easy to determine the scope of a compromise, contain it and remediate from exploits. 

The unknown threats that exist outside the enterprise in the form of users, data, devices, and apps is also a top concern for CISOs. 

To help address these challenges, and better protect their organisations, of those surveyed:  

  • 44% have increased investment in security defence technologies.
  • 39% have security awareness training among employees.
  • 39% focused on implementing risk mitigation techniques.

Survey respondents also noted the continued high financial impact of breaches. 

45% of respondents reported the financial impact of a breach to their organisation was more than $500,000. 

The good news is that more than 50% of respondents are driving breach costs below half a million. 

But there remains a stubborn 8% claiming an eye-watering cost of more than $5 million per incident for their most significant breach of the past year. 

“This year, more than ever CISOs are taking a much more proactive role in reducing their exposure through consolidation and training, as well as investments in critical technologies, for cyber defence and breach containment, but there is still more to do,” says Cisco CISO and senior vice president Steve Martino.

“You can’t protect what you can’t see, and security leaders are still struggling to gain greater visibility across their organisation and into threats. Cisco is committed to helping organisations address these challenges and implement new techniques and technology to stay one step ahead of malicious actors and threats.” 

The following findings highlight some of these positive developments security professionals have made to improve their security posture:

The trend away from point products to vendor consolidation continues - in 2017 54% of respondents cited 10 or fewer vendors in their environment. This number has risen to 63%.

The survey showed that even those CISOs with fewer point solutions could better manage their alerts through an enterprise architecture approach. 

There is more confidence in cloud-delivered security and in securing the cloud.

  • 93% of CISOs reported that migrating to the cloud increased efficiency and effectiveness for their teams.
  • The perception of the difficulty of protecting cloud infrastructure has decreased - 52% in 2019 compared to 55% in 2017.

AI and machine learning (ML), used right, are essential to the initial stages of alert prioritisation and management. 

However, reliance on these technologies has decreased as respondents possibly perceive the tools to be still in their infancy or not ready for prime time:  

  • Reliance on ML is down to 67% in 2019 compared to 77% in 2018.
  • AI is down to 66% compared to 74% in 2018.
  • Automation is down to 75% compared to 83% in 2018.

Employees/users continue to be one of the greatest protection challenges for many CISOs - having an organisational process that starts with security awareness training on day one is essential.

  • Only 51% rate themselves as doing an excellent job of managing employee security via comprehensive onboarding and processes for transfers and departures.

Email security remains the number one threat vector.

  • Phishing and risky user behaviour (e.g. clicking malicious links in email or websites) remains high and is the top concern for CISOs. The perception of this risk has held steady for the past three years between 56 to 57% of respondents.

Recommendations for CISOs:

  • Base security budgeting on measured security outcomes with practical strategies coupled with cyber insurance and risk assessments to guide your procurement, strategy, and management decisions.  
  • There are proven processes that organisations can employ to reduce their exposure and extent of breaches. Prepare with drills; employ rigorous investigative methods; and know the most expedient methods of recovery.  
  • The only way to understand the underlying security needs of a business case is to collaborate across siloes – between IT, Networking, Security and Risk/Compliance groups.  
  • Orchestrate response to incidents across disparate tools to move from detection to response faster and with less manual coordination.  
  • Combine threat detection with access protection to address insider threat and align with a program like Zero Trust.  
  • Address the number one threat vector with phishing training, multi-factor authentication, advanced spam filtering and DMARC to defend against Business Email Compromise.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.
One Identity named Leader in PAM and IAM by KuppingerCole
KuppingerCole lead analyst Anmol Singh evaluated the strengths and weaknesses of 20 solution providers in the PAM market for the report.
Healthcare environments difficult to secure - Forescout
The convergence of IT, Internet of Things (IoT) and operational technology (OT) makes it more difficult for the healthcare industry to manage a wide array of hard-to-control network security risks.