Saturday, July 20, 2024
Evina 110o x 220

Only 1% of CISOs State That Endpoint & Mobile Devices Are Their Technology Investment Priority Area

The present-day security executives confront a number of challenges when it comes to carrying out strategies, including bridging the company’s internal skills discrepancy, gaining the appropriate amount of leadership backing from the company, establishing a security culture, making solid technology investment decisions, and more. However, the current situation of economic conditions is driving a new narrative for CISOs, with many being expected to accomplish more with less.

According to a Cyber Security in Focus report, proactive investment in cyber security continues, but with limited room for innovation. 44% expect their spending plans to remain the same or decline. Only 53% say security spending keeps up with digital companies. Cloud security (25%), IAM (20%), and security and vulnerability management (18%) are the primary three critical expenditure areas for CISOs in 2023, with less emphasis on endpoint and mobile device engagement (1%).

Other notable findings from the 2023 Stott and May Cyber Security in Focus Report include:

Addressing cyber security positions is a source of concern for security officials

66% are having difficulty finding talent for their company. After 8 weeks, 69% of security posts remain vacant. 39% of those remain available after a 12-week period. It’s no secret that finding skilled individuals to contribute to the security industry is difficult. Security executives must continue to work on sketching out genuine role requirements, compensation benchmarking, optimising interview process design, and communicating the role, team, and the company’s distinctive selling point to applicants.

According to CISOs, pay expectations in businesses are rising

Salary levels, according to 47% of respondents, have climbed by over 11% year on year. Another 31% expect salary inflation to be around 6 and 10%. Target salary increases are anticipated to be supported by a mix of rising inflation and applicant accessibility for individual contributor jobs. Specifically, in applications and product safety, monitoring and reaction, and cloud security.

In 2023, CISOs regard funding as the most significant impediment to plan implementation, surpassing internal talents for the first time

Budget was recognised as the biggest impediment to executing strategy by 51% of security executives, with internal abilities (34%), board-level acceptance (11%), and technology (3%) all named as concerns by the worldwide sample of CISOs.

Considering the situation of the worldwide economy, CISOs will be put under more pressure than ever to guarantee that their activities provide good value for money. Security executives may place a major priority on consolidating software and instrumentation investments, with a new focus on extracting greater value from their current suppliers and forging ongoing vendor agreements.

The emphasis shifts to aligning security risk with company strategy

55% of security professionals believe that cyber security is an important strategic objective for their firm, while 60% say that the privacy function improves the entire value proposition to consumers. As a matter of fact, just 5% of the sample’s security executives said it had no significant influence. The extent and form of the potential for CISOs to wrap up the value that security brings will differ by industry.

This may be simpler for CISOs from SaaS software companies or highly regulated organisations. While the CISO function will always be mainly operational in nature, security professionals must continue to look for methods that will improve the needs of customers.

Haris Pylarinos, Founder & CEO of Hack The Box, discussed the top obstacles CISOs face when establishing a high-performing security unit. “It’s the ability to stay outward looking and ensure that internal skills stay up to date. You can hire the best security professionals out there with field experience, but the problem is that this knowledge can degrade over time because cyber security is evolving at such a rapid pace.”

Chris Castaldo, CISO at Crossbeam, detailed his opinions on the primary challenges that CISOs encounter when implementing respective cyber security roadmaps for development. “Not understanding the business. That’s the main barrier. Everyone that I talk to that’s trying to implement some new tool or a new process or policy and meets resistance typically hasn’t spent enough time trying to  understand what those stakeholders really care about and tailoring that message to them.”

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

Evina 900x750