The onslaught of cyberattacks has taught Indian organizations one important thing: The Chief Information Security Officer (CISO) is indispensable to a business’s survival. Cybersecurity exploits and material data breaches are contributing to changing attitudes about IT security programs.
In order to discover how CISOs work, what they are doing, and where they should reside within the organization is key to strengthening their capability - The Ponemon Institute and F5 Networks collaborated on a global research study—The Evolving Role of CISOs and Their Importance to the Business. The following findings present key takeaways from the IT security leaders in India.
Security is becoming a business priority
According to the report, 57% of respondents have experienced big developments that are driving change in their attitudes about their security programs. However, 49% respondents believe their organization considers security to be a business priority.
CISOs believe in the importance of an executive-level security leader
According to the CISO report, 56% of respondents believe that there is a need for an executive-level, enterprise-wide responsibility role. This, in their opinion, is the most important governance practice for organizations. A similar percentage of respondents feel that the creation of a cross-functional committee to oversee IT security strategies is must.
Companies need stronger policies to protect themselves from insider threat
A total of 31% of respondents have had employees and supervisors are held strictly accountable for IT security infractions and non-compliance.
Assess the risks created by the Internet of Things (IoT)
83% of respondents feel IoT will cause significant or some change to their practices and requirements. Most of these companies are setting new policies and standard operating procedures.
Hold third parties to a higher standard of security
Outsourcing security functions is still considered an important option. A total of 60% of respondents' organizations outsource an average of 36% of IT security requirements. However, respondents agree that outsourcing security functions is considered an important option, it does create risks.
Invest in technologies to protect endpoints, applications, and data
According to the findings, 23% of IT security posture will be less dependent on network security in the next two years, and more dependent on application security (31%) and endpoint security (30%).
These important findings sum up one important thing: Organizations are finally realsing the need for a stronger security posture in organizations. But more importantly, it is the appointment of a CISO that will bring the necessary change.
Add new comment