Embed Size (px)
Citation preview
Evolving Role of the CSOSECURITY INCIDENTS CONTINUE TO PLAGUE ORGANIZATIONS
Organizations have seen security incidents increase at a
compound annual growth rate since 2004.
66%Large organizations (revenue more than $1 billion) have seen the biggest rise in security incidents from 9,155 in 2013 to
13,138 in 2014.
Large organizations also saw a
53%jump in financial damages from 2013 to 2014.
of organizations are reevaluating their infor-mation security standards as a result of big name/ public data breaches.
49%of security decision-makers in the highly targeted retail industry said the recent breaches have them reevaluating their information security standards.
63%of security professionals now report directly to the CEO which has nearly quadrupled since 2006 when it was just 6%
Connection to the top is even greater with
of CSO’s reporting on a dotted line to the CEO and 21% to the board of directors.
of respondents with increasing security budgets expect the amount of time spent advising senior executives to increase in the next three years.
88%VS
of decreasing/not changing security budgets.
70%$
$
said they will continue to place more value on risk management in the next 12 months.
70%internally develop Enterprise Risk Management frameworks.
62%$
Information Sources Relied on by CSOs:
68% 73% Rely on peers
Rely on Security content/technology
62% Rely on executive conferences or events
Top 3 Areas CSOs are in Charge/Involved in 2015:
91% 93% Information Security
Incident Response
90% Business Continuity/Disaster Recovery
The data breaches at Target and particularly Home Depot elevated the perception of risk to a company’s reputation. The example provided a very high level of visibility of the damage to reputation as well as cost. They also elevated the need for additional security testing and scanning. We will be adding budget to implement next year. - Barr Snyderwine, CIO, Hargrove, Inc.
CSOs RELIED ON FOR SECURITY BUSINESS INVESTMENTS
expect organization’s overall security budget to increase or remain the same in the coming year.
94% Organizations’ overall security budget expected to increase by an average of
11%$
$ in the coming year.
Sources: Global State of Information Security Survey 2015, PwC, CIO magazine, CSO, September 2014; State of the CSO Survey, CSO, 2015; State of the CSO 2015: Breaches Force New Security Strategy, November 11, 2014, CSOOnline.com.
CSOs RELATIONSHIPS WITH SECURITY VENDORS LEAVE ROOM FOR IMPROVEMENT
60%
73% very satisfied/satisfied with security products in2015 down from 79% in 2012.
very satisfied/satisfied with security services in 2015 down from 66% in 2012.
Two Most Cited Reasons For Discontent with Security Vendors
70%
78% Products don’t live up to the hype
Products’ implementation costs
Emerging Issues for CSOs in 2015:1. Demands from the board2. New technologies3. Shadow IT4. Demands from business partners5. Internal threats
Pressing Issues forCSOs in 2015:1. New technologies2. Finding people3. Partner security4. Getting actionable intelligence from security partners5. External attacks
AS SECURITY LANDSCAPE CHANGES, STRATEGIES REEVALUATED
23%
31%
You can learn more on the important role the CSO plays, how to reach the CSO audience, and view more of the State of the CSO 2015 results here: http://bit.ly/StateoftheCSO2015 or by contacting your IDG Enterprise
representative. You can also join the conversation on Twitter using the hashtag #StateoftheCSO
