Alexa...order John Grisham’s book, The Lincoln Lawyer
None at all: 3%
When asked about the two main flavors of CISO headaches (negligence vs. malfeasance), 44% said that 0–25% of the risks they encounter in the workplace are negligence-based. [Sigh]. While neither are good, at least negligence can be addressed by education, learning and training. 25% of CISOs said that more than half are indeed malfeasance. This is where proper lines of defense, monitoring, security and such are even more key.
Get funding from the board for all our initiatives
In the world of a CISO, money buys happiness (and a better security program). When we asked CISOs which one of these precious commodities – time or budget – is more valuable to them,
60% said ‘budget’. When asking for budget and resources to
cover data protection and disaster recovery programs, these
security guardians know how to translate their efforts into
language their board can understand.
Find out more
How much of an impact do you think AI will have on your job in the next 3 years?
No longer is there a clearly defined line between work and non-work when it comes to the digital experience. One in five of CISOs reported that observing the social media behavior of friends and family affects their digital strategy at work. Another third said external behavior has a moderate influence on the technologies at their job.
06 Analytical minds
A great deal: 7%
And now to our other findings…
How does Artificial Intelligence impact your job today?
A lot: 15%
More than a week ago but less than a month ago 15%
What is your age?
A great deal: 28%
A moderate amount
Convene a “think tank” to bring fresh ideas and creative thinking into IT security
Phishing for funding?
I need you to determine how secure my organization’s data is.
04 Starting Over
Where no man has
Despite the tumultuous year CISOs faced this year, most wouldn't opt to start over. When asked, “If you got offered a reset button for the past year, would you push it?” 7 in 10 said ‘no.’
It’s a risk to start over, one that most CISOs don’t want to take.
Cybersecurity skills shortage:
Your wish is granted
The Most Non-Annoying Survey
for Chief Information Security Officers Survey Findings
CISOs said ‘budget ’is more valuable to them than time.
If you played video games as a kid, were you destined to become a CISO?
Stress test each protocol in my security program
A little: 6%
said that 0–25% of the risks they encounter in the workplace are negligence-based
CISOs as digital transformers
at home and at work
Assign one helper to each of my staff to make them twice as productive
brace for a brain dump
In the last week
One of the most alarming outcomes stemmed from the question of how often a CISO met with their Chief Compliance Officer. Over a third of CISOs aren't meeting with one of their best workplace allies a CISO could have--their CCO. On the other hand, 1/3 of CISOs are making it a point to connect with their CCO on a pretty regular basis.
Assume every aspect of my job while I take off for Santorini, Greece
Law Enforcement Officer
11 Alien Invasion Later
What this tells us is that these planned meet-ups are more about nurturing the CISO <> CCO relationship than just grabbing lunch. Like the crime fighting duos, Sherlock Holmes and Dr. Watson, these pairs recognize that the key to a successful integrated risk management program starts from working collaboratively across their enterprise.
This is a citizen’s arrest. You have the right to remain silent…
To what extent does the way you, your family and friends use social media impact your digital strategy at work?
None at all
A great deal
When was the last time you had lunch with your Chief Compliance Officer? (or a colleague who performs the
More than a month ago 33%
A little: 37%
None at all: 16%
You're given a set of helpers for a week. What would you have them do? (Select only one answer)
09 Bad and Worse
A lot: 33%
05 BAD GUYS
6 in 10 prophetic CISOs think AI is going to have BIG implications on their work and industry within the next 36 months. Perhaps these CISOs are the ones who want more budget, to start their education, planning, and technology spends now, to get out in front of the
AI train … before it runs over their organization. Surprisingly,
1 in 11 are forecasting little to no impact at all.
The Most Non-Annoying Survey, sent to Chief Information Security Officers, revealed a handful of interesting perspectives
Implement a zero trust network
02 Tick Tock or Dough
Beam me up Scotty…just
not so fast
What's the one major flaw in IT security that you have been able to exploit the most?
Almost half of CISOs cited that the analytical mind is key to success
in the role while only 22% believed that being a computer prodigy influences a thriving career. These results signify a clear shift in
the function of the modern CISO. CISOs today must equally
understand the technical side of cyber security as well as
Enterprise Risk Management.
Many savvy CISOs have built super powers to protect their enterprise ship
6 in 10 prophetic CISOs think AI is going to have BIG implications on their work and industry within the next 36 months. Perhaps these CISOs are the ones who want more budget, to start their education, planning, and technology spends now, to get out in front of the AI train … before it runs over their organization. Surprisingly, 1 in 11 are forecasting little to no impact at all.
Four in ten CISOs said, if they had a set of mythical helpers, they’d opt for fresh new ideas and creative thinking to IT security – because simply relying on 'the old way' is way too risky. And a quarter of them are focused on the here-and-now, too – looking to stress test their existing infrastructure to shore it up.
Which of the following occupations do you think influences a CISO’s success the most? (Select only one answer)
What if you got the chance to pick the brain of a major-league hacker? Almost two-thirds (65%) of CISO sleuths want to get into the mind of a hacker to help them figure out "what's next?"
About 12% would hire them, spotting good talent when they see it. Interestingly, 1 in 11 would take them off the streets and arrest them. Book ‘em Dano!
Almost half of CISOs are seeing the wheels of the AI train turning – to the degree that AI is affecting their work (from “so-so” to
“holy cow!”). And almost a quarter (22%) are seeing the shift underway in bigger ways. No doubt AI is here to stay, and it’s
only going to make things more complicated, not simpler.
But that‘s TODAY. What about tomorrow?
10 Alien Invasion Now
03 Mythical Helpers
Thank you to all who took the survey. We hope you found the survey responses
useful in benchmarking your own CISO activity to your colleagues in the role.
If you, like our respondents here, are looking for support, reach out.
We can help.
If you met face-to-face with a major league hacker, what would be the first thing you’d say to him/her?
(Select only one answer)
In our latest eBook, The Making of the Modern CISO,
you’ll get a glimpse into the DNA of today’s Chief Information Security Officer.
Part computer geek, part investigative analyst and part law enforcer, these high-level competencies
define the role of four industry-leading CISOs.
Chief Information Security Officers from LogMeIn; University of California, Davis; Motorola Mobility; and the
American Red Cross offer distinct views of themselves as first-responders and guardians of their organizations.
Yet they all have the courage to be both vulnerable and impenetrable at the same time.
Whether you’re looking for a poignant narrative or deciding on a
different career path forward, open its pages and discover this insightful read.
Tap each item
More than half of CISOs asked are considered Baby Boomers...45 to 64. Apart from having a wealth of wisdom
and a strong work ethic, this age group are problem-solvers, entrepreneurs and team-oriented--all traits that make up a trusted advisor and the key protector of an organization’s brand, data and reputation.
Save and Continue or Reboot?
What are the top three organizations that you would love to hack and why?