Cybersecurity professionals unsupported and overloaded
Trellix has released The Mind of the CISO research, revealing how Chief Information Security Officers (CISOs) work amidst a tumultuous threat landscape, which business functions hold them back, and what they need to be successful.
The global survey of 500+ global CISOs across every major industry revealed three quarters (74%) of Australian respondents feel fully or mostly accountable when their organisations experience a cybersecurity breach.
The research revealed key pain points CISOs experience, including:
Not enough support. 98% struggle to get support from the executive board for the resources needed to maintain cybersecurity strength. Nearly half (48%) think their jobs would be easier if all employees across the entire business were better aware of the challenges of cybersecurity. In addition, over a third of CISOs (40%) cite a lack of skilled talent on their team as a primary challenge.
The pressure is high. 84% have managed a major cybersecurity incident once, and 4 in 10 more than once. As a direct result of a significant cybersecurity incident, 45% experienced major attrition from the security operations team.
Working with too many of the wrong solutions. Australian organisations report using an average of 29 individual security solutions, the highest average globally, with 36% identifying having too many sources of information without a sole source of truth as a top hurdle. CISOs can find the number of security solutions available to them overwhelming, unnecessary, and challenging.
The right solutions would make a difference. 84% agree having the right tools in place would save them considerable time. 48% want access to a single integrated enterprise tool to optimise security investments.
"Australians continue to be at risk as a consequence of security operations teams not having the tools required to carry out efficient cybersecurity protection," says Luke Power, Managing Director, ANZ for Trellix.
"CISOs are operating in an extremely pressurised environment that virtually has no off-time, often leading to feelings of being unheard, invisible and unsupported.
"Recently, Australia has emerged as a highly vulnerable target for cybercriminals, and thus CISOs and their teams being ill-equipped to face cyberattacks is a recipe for further large-scale breaches," he says.
"Across every sector, immediate action must be taken in the fight against cybercriminals. By revolutionising the strategies of security operations teams, and by breaking down the barriers that prevent them from safeguarding critical data, we can move towards a safer future."
The Trellix study, conducted by Vanson Bourne, surveyed more than 500 global CISOs from companies with a minimum of 1,000 employees in the US, UK, France, Germany, Australia, India, Singapore, UAE, and Saudi Arabia. Industries covered include energy & utilities, healthcare, public sector, manufacturing & production, financial services, retail, distribution & transport, and business & professional services.