In a joint study between Forcepoint and WSJ Intelligence, The C-Suite Report: The Current and Future State of Cybersecurity showed a widening gap between CEOs and CISOs on what is the most effective cybersecurity path forward.
The study reflected a difference in understanding between CEOs and CISOs on what is the best cybersecurity path forward for their business. While 58% of CEOs prefer to be proactive and risk-focused to prioritise business stability, 54% of CISOs adopt a more reactive, incident-approach mindset to tackle today’s dynamic cybersecurity threat landscape.
The research in particular highlights the difference in how organisations across global geographies prioritise key elements of security, with protecting customer data being a top priority for more than half of the US (62%) and Europe (64%) CEOs. On the other hand, more than half of leaders in Asia (61%) prioritise protecting organisational IP instead. The different regulatory approaches to data and privacy protection, and the GDPR and CCPA in the US and Europe could have contributed to these results.
“At a time when cybersecurity is more strategic to business growth than ever before, it is time senior business and security leaders reassess their cybersecurity strategy to one that enables them to move left of breach. Leader companies understand that behavior-based technologies are the modern cybersecurity path forward and those that get cybersecurity right today will see this be a key competitive differentiator for their business in the years ahead, ”said Nicholas Fishbach, Global CTO of Forcepoint
The global survey reached 200 CEOs and CISOs from various industries, including Healthcare, Finance, and Retail.
It also shared new information on the cybersecurity priorities of global business leaders.
- Most leaders (76%) are losing sleep over the prospect of becoming the next headline-grabbing security breach
- Even though a majority (87%) believe that their security team is consistently ahead of cybersecurity threats
- The difference is exacerbated by the belief that senior leadership is cyber-aware and data-literate (89%) and place cybersecurity as their top organizational priority (93%)
- 85% of executives think that cybersecurity strategies are a major driver for digital transformation — however 66% acknowledge the increased organisational exposure to cyber threats cause of digitisation
- Less than half (46%) of leaders regularly review their cybersecurity strategies
It was also revealed that despite leaders claiming vendor fatigue, organisations engage more than 50 security vendors on average with 62% saying that they want more. But as more enterprises adopt cost savings, and benefits of converged networking and security capabilities from Secure Access Service Edge (SASE) security architecture approach, the demand for multiple security vendors will ebb over time.
Fishbach added, “Companies leading on the cybersecurity front today are realistic about the risks they face and are prepared to prioritize security to protect the lifeblood of their business – which is customer data and organizational IP. And with today’s new way of working, getting this right within a remote work reality has never been more critical. Now is the time for all business and security leaders to recognize the business continuity actions they take now will determine whether they simply survive or thrive in today’s new business reality.”