2023 CISO Report: CISOs Have Their Board’s Ear, They Still Need to Justify Budgets

90% of CISOs said their organizations experienced at least one major cyberattack that disrupted their regular operations.

October 13, 2023

  • 83% of CISOs admitted in Splunk’s 2023 CISO Report that their organizations end up paying a ransom when victimized in a ransomware attack.
  • CISOs also influence the board of directors more as global operationally disruptive cyber incidents make headlines.
  • Read on for more insights into cybersecurity from CISOs’ perspective.

90% of CISOs said their organizations experienced at least one major cyberattack that disrupted their regular operations. And, in spite of cybersecurity agencies’ advice to the contrary, an overwhelming majority (83%) of the victims end up paying a ransom, according to Splunk’s 2023 Chief Information Security Officer (CISO) report.

This is despite the fact that paying a ransom does not guarantee legal immunity or full recovery of lost data and capabilities. Company boards are particularly interested in ransomware attacks, with 73% of respondent CISOs attesting to this.

This is possibly why ransomware is among the top three threats, respondents in the 2023 CISO report said, preceded only by social engineering and the threat to operational technology (OT) and Internet of Things (IoT) security.

44% of organizations forked out $25,000 to $99,999 to ransomware gangs, 42% paid between $100,000 and $999,999, and 9% of respondents said their organizations paid $1 million as ransom.

A CISO’s job has thus evolved into a liaison between security teams and the company’s board. 86% of CISOs agreed that their priority is to convince the board to see the value in funding security investments. And it looks like they’re doing a good job.

93% of CISOs expect cybersecurity funding to rise somewhat or significantly. “The C-Suite and board of directors are increasingly relying on CISOs for guidance across a sophisticated threat landscape and changing market conditions,” said Jason Lee, CISO at Splunk.

“These relationships provide CISOs the opportunity to become champions who strengthen an organization’s security culture and lead teams to become more cross-collaborative and resilient.”

Besides increased face time with the company board and CEOs, data indicates that CISOs also need to nurture cross-functional collaboration among security, engineering and IT teams. 27% of CISOs agreed that this collaboration helps minimize cyber impact and build and sustain resilience. The top five benefits of collaboration include:

  • Helps with better integration between security and IT operations tools and processes (44%)
  • Faster time to understand, quantify and prioritize the risk associated with new business initiatives (42%)
  • Facilitates knowledge transfer (40%)
  • Streamlines procurement, deployment and operations of security technologies (37%)
  • Offers greater visibility (37%)

Building a culture of collaborative resilience entails integrating security in the software development lifecycle (55%), modernization of projects (50%), exploring unusual or anomalous system or network behavior (48%), observability and organizational response in the event of application/service degradation (40%), and engaging in crisis management protocols (38%).

Lee added, “By communicating key security metrics, CISOs can also guide boards on adopting emerging technologies, such as generative AI, to help improve cyber defense management and prepare for the future.”

More than two-thirds (70%) of CISOs agreed that generative AI offers threat actors more ammunition to target organizations, with the apparent benefits being faster and more efficient cyberattacks (36%), believable voice and image impersonations for social engineering (36%), and the expansion of the supply chain attack surface (31%).

To counter threats and one-up cyber adversaries, 35% of CISOs said they already leverage generative AI within their organizations’ defense, while 61% will incorporate the emerging tech within the next 12 months.

Here’s how CISOs and cybersecurity teams are leveraging generative AI in cybersecurity:

  • Security hygiene and posture management analysis and prioritization (35%)
  • Alert and incident data enrichment (27%)
  • Internal communications (26%)
  • Data analysis for optimization (26%)
  • Malware analysis (25%)
  • Creation of secure configuration standards (23%)
  • Creation of detection rules (23%)
  • Workflow automation (22%)
  • Threat hunting (22%)
  • Risk scoring (20%)
  • Policy creation (20%)
  • Incident response and forensic investigation (19%)

“We are trying to stay ahead of generative AI. We know it is a technology that is being used. Instead of blocking the technology, we are trying to put as many guardrails around it as possible,” a CISO in a government organization said anonymously.

Note: The 2023 CISO Report is based on Splunk’s quantitative study of responses from 350 CISOs, CSOs and other qualified executive security leader equivalents and the company’s qualitative study of 20 CISOs, CSOs and security leaders in 60-minute in-depth phone interviews.

Respondents work in 17 industries and are based in North America (United States, Canada), EMEA (UK, Germany, France), and APAC (Australia, New Zealand, Japan, Singapore, India).


Sumeet Wadhwani

Asst. Editor, Spiceworks Ziff Davis
