Nominet CISO Stress Report Press Release – Nominet Cyber

More support needed from the board

So where does the C-Suite sit in all this? The research found that the board does take security seriously, with 47% saying that cyber security is a “great” concern to them. They are actually more likely than CISOs to think that cyber threats are a “high” or “very high” risk to their business (90% vs 66%). They are also aware of the high-pressure nature of the CISO’s job, with 74% saying they believe their security team to be moderately or tremendously stressed. However, many still hold the CISO responsible for a breach and expect them to deliver more value to the business.

Key findings:

  • 66% of the organisations surveyed had experienced at least one security breach in the past year, 30% had experienced multiple
  • 24% of CISOs said that their board doesn’t accept breaches are inevitable
  • The majority of both CISOs (37%) and C-Suite (31%) believe the CISO is ultimately responsible for the response to a security breach
  • 29% of CISOs believe that the executive team would fire the responsible party, which is confirmed by the C-Suite (31%). A fifth (20%) of CISOs believe they would be fired whether they were responsible or not.
  • 97% of the C-Suite said that the security team could improve on delivering value for the amount of budget they receive

Stuart Reed, VP of Cyber at Nominet concluded:

1 2 3 4 5 6 7 8 9 10