CISO Research Reveals 90% of Organisations Suffered at Least One Major Cyber Attack in the Last Year; 83% Report Ransomware Payments

Splunk has released its 2023 CISO Report, a new global research report detailing emerging trends, threats and strategies for today’s Chief Information Security Officers (CISOs), Chief Security Officers (CSOs) and other qualified security leader equivalents.

“The C-Suite and board of directors are increasingly relying on CISOs for guidance across a sophisticated threat landscape and changing market conditions,” said Jason Lee, CISO, Splunk. “These relationships provide CISOs the opportunity to become champions who strengthen an organisation’s security culture and lead teams to become more cross-collaborative and resilient. By communicating key security metrics, CISOs can also guide boards on adopting emerging technologies, such as generative AI, to help improve cyber defence management and prepare for the future.”

Notably, 86% of surveyed CISOs believe generative AI will alleviate skills gaps and talent shortages on the security team, filling labour-intensive and time-consuming security functions and freeing up security professionals to be more strategic. Thirty-five percent report using generative AI for positive security applications and an additional 61% will likely use it within the next 12 months. Additional key findings from the research include:

CISOs Defend Against the Threat Landscape

CISOs pay ransomware demands. Ninety percent of respondents reported their organisation experienced at least one disruptive cyber-attack last year. Numerous industries experienced ransomware attacks that significantly impacted their systems and business operations, including financial services (59%), retail (59%) and healthcare (52%). Eighty-three percent of organisations paid the attackers in the wake of a ransomware attack, and more than half paid at least $100,000. The retail industry is the most likely to pay the ransom, with 95% of respondents reporting they either paid directly, through cyber insurance or a third party.

CISOs are trying to stay ahead of generative AI. The majority of CISOs (70%) surveyed believe generative AI could give cyber adversaries more opportunities to commit attacks, yet 35% are already experimenting with it for cyber defence including malware analysis, workflow automation and risk scoring. CISOs in healthcare (88%), manufacturing (76%) and financial services (72%) express the most fear that generative AI would give either a strong or slight advantage to cyber adversaries. Fifty-one percent of CISOs in financial services say they planned to implement specific cybersecurity controls to mitigate AI security risks. Ninety-three percent of CISOs have extensively or moderately implemented automation into their processes.

Reining in tools will close visibility gaps. CISOs overwhelmingly responded that tool sprawl is a major concern, likely compounding existing visibility issues. The vast majority (88%) say they see a need to rein in security analysis and operations tools with solutions like security orchestration, automation and response (SOAR), security information and event management (SIEM) and threat intelligence. CISOs are looking to decrease the number of tools they use and simplify processes with automation.

Organisations Prioritise Cybersecurity

CISOs are now in the C-Suite. In 47% of organisations surveyed, the CISOs are now reporting directly to the CEO, indicating a closer relationship with the C-Suite and their respective governing boards. Boards of directors are increasingly looking to CISOs to guide cybersecurity strategy, offering an opportunity for CISOs to articulate value and fill in communication gaps. Numerous CISOs across many industries report regular participation in board meetings, including technology (100%), government (100%), communications and media (94%), healthcare (88%) and manufacturing (86%). Ninety percent of CISOs say their governing board cares more about different KPIs and security metrics today than it did two years ago. The top three CISO metrics for success are: results of security testing, the ROI of security investments, and the ability to purchase cyber insurance.

Boards prioritise security funding. Ninety-three percent of respondent CISOs expect an increase in their cybersecurity budget over the next year, yet 83% see cuts in other parts of their organisation. Economic challenges are impacting security with 80% saying they have noticed their organisation has faced a growing number of threats coinciding with the declining economy.

Cross-functional collaboration will be critical for a lasting resilience strategy. Ninety-two percent of respondents report either a significant or moderate increase in cybersecurity collaboration between security teams, IT and engineering organisations, largely driven by initiatives like digital transformation, cloud native development and a greater emphasis on risk management. Seventy-seven percent indicate collaboration with IT and development teams on incident root cause analysis and resolution was good, while 42% said there is still room for improvement. CISOs agree that strategic collaboration will be vital to gain visibility and ensure resilience throughout the organisation.