The challenges CISOs face in securing companies

Source: Servicenow infographic. Automation will help to address barriers to implementing effective security. Only 38% of security tasks are presently automated.

A new survey of 300 Chief Information Security Officers (CISOs) from around the world by ServiceNow spotlights the need for a new approach to responding to the rising number and cost of data security threats. The Global CISO Study: How Leading Organizations Respond to Security Threats and Keep Data Safe, revealed that 80% of global security executives surveyed (78% in Singapore) are concerned that data breaches are detected but not being addressed.

This comes at a cost: More than one in 10 CISOs reported experiencing a significant security breach causing reputational or financial damage in the past three years. Manual processes, resources and talent deficiencies, and the inability to prioritise threats are impairing security response effectiveness. As a result, CISOs are increasing the automation of security tasks to bolster their response and remediation efforts.

“Data breaches have a serious impact to businesses in Singapore and across the region. According to the results of this survey, CISOs need to put their focus on the entire process of the security response. CISOs must start automating and prioritising security tasks based on business criticality to ensure that threats are detected and dealt with quicker and more efficiently,” said Jimmy Fitzgerald, VP and GM, ServiceNow, Asia Pacific and Japan.

Other findings of the study for Singapore include:

+Eighteen percent rate (compared to 20% globally) their company as highly effective at preventing security breaches.

+Two thirds (compared to 70%) of CISOs say it is difficult to prioritise threats based on business criticality.

+Customers may suffer the most from these gaps: Only 30% of CISOs (compared to 38% globally) believe they are highly effective at protecting against customer data breaches. 

+More than 24% of CISOs (compared to 30% globally) say manual processes and a lack of resources are barriers to their organisation’s ability to detect, and respond to security breaches.

+Just 8% of CISOs (compared to 7% globally) say their employees have developed the skills necessary to successfully prioritise security threats.

A small group of the overall survey sample (10% in Singapore), dubbed Security Response Leaders, differ from the rest in that they:

· Automate a higher percentage of security activities, including more advanced tasks such as trend reporting.

· Prioritise responses to security alerts based on business criticality.

· Build stronger relationships with IT and other departmental functions.

Interested?

Read The Global CISO Study: How Leading Organizations Respond to Security Threats and Keep Data Safe report

*ServiceNow commissioned Oxford Economics to survey 300 Chief Information Security Officers. Respondents are based in Australia, France, Germany, Singapore, the UK and the US, and represent companies ranging in size from US$500 million in revenue to more than US$10 billion. The survey was administered via telephone. Founded in 1981 as a joint venture with Oxford University’s business college, Oxford Economics specialises in evidence-based thought leadership, forecasting, and economic impact analysis.