For the longest time, those of us who occupy the role of the CISO have fought for our seat at the ‘big table.’ Although it appears some of us are being invited into the C-suite, there is still a long way for us to go.This is highlighted in a 2021 report provided BT, which places “CISOs under the spotlight” and illuminates some interesting and concerning issues that businesses need to address.

Interestingly, this report doesn’t seek the views of CISOs but rather seeks the views on cybersecurity and data protection from customers, employees and other business leaders. This offers us a unique insight into what others believe the role of the CISO is and what we do, resulting in five key insights that I believe warrant closer inspection.

We are operating securely

It’s not unusual to find that the C-suite is largely optimistic about the strength in cybersecurity and data protection defenses. We discover in this report that this optimism is still running high, with 76% of business leaders rating their security defenses as ‘excellent’ or ‘good.’ But let’s be honest, the C-suite generally sees cybersecurity and data protection through the lens of technology and, therefore, rarely understands the topic’s breadth and depth. This is why organizations continue to have data breaches, with 84% of those surveyed stating that they had suffered from data loss or theft in the last two years. 

How can this be that organizations can continue to have such a high degree of incidents yet regard their defenses as ‘excellent?’  I believe that we are once again a victim of terminology, with the word ‘cyber’ focusing the C-suite’s mind on IT rather than the wider question of information security. The investment must be on more than just technology; it must (Read more...)