More than three-fifths (62%) of global CISOs are concerned about being held personally liable for successful cyber-attacks that occur under their watch, and a similar proportion would not join an organization that does not offer insurance to protect them , according to Proofpoint. .
The security vendor surveyed 1,600 CISOs from organizations with 200 or more employees across industries in 16 countries to compile its Proofpoint 2023 Voice of the CISO poll.
It revealed that CISOs in industries with a high volume of sensitive data and/or heavy regulation such as retail (69%), financial services (65%) and manufacturing (65%) are more likely to ask insurance coverage.
These concerns only add to the mental burden on corporate IT security chiefs. A combination of high-stress work environments, tight budgets, and personal responsibility could hurt CISOs’ quality of life. About 60% told Proofpoint they had experienced burnout in the past 12 months.
CISOs are most likely to experience burnout in the retail (72%) and IT, technology and telecommunications (66%) industries.
Read more about CISO stress: A quarter of CISOs self-medicate as pandemic stress spikes.
Almost two-thirds (63%) of respondents said they have had to deal with the loss of confidential information in the past year, with a similar number (61%) saying their organization would not be able to cope to a targeted attack.
Email fraud (33%), insider threats (30%), cloud account compromise (29%) and DDoS attacks (29%) topped the list of concerns.
While internal negligence overtook malicious and compromised users as the leading cause of data loss events last year, more CISOs believe malicious insiders (43%) will cause a data breach or exposure in the next 12 months than those who are committed (40%) are currently doing so. .
The report was released just days after Uber’s former CISO, Joe Sullivan, managed to escape prison for his part in covering up a major breach at the company.
However, in sentencing him to three years of supervised release, the trial judge also warned that if there was a similar case tomorrow, the accused would go to prison.
Recently, the data security landscape has become more complex, leaving CISOs increasingly worried about their personal liability in the event of a data breach. The responsibility of ensuring adequate security measures are in place and ensuring compliance are now even more critical. With the advent of the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), companies are also facing increased compliance and data privacy obligations.
That’s why organizations need to make sure that they are taking the proper steps to defend and protect their data. Ikaroa, a full-stack tech company, specializes in helping customers take these essential steps by providing security advisory services, security risk analysis, incident response and incident containment, vulnerability assessments and many other services.
Using the best in industry practices and technology, Ikaroa offers world-class security solutions for its clients. We have the experience and know-how to help our customers securely store and transmit data, manage data classification and improve overall data security.
In addition to providing services to help strengthen security measures, Ikaroa also offers risk assessment, data governance, and training services to help organizations prepare for, detect, and respond to data breaches. Through these services, organizations can equip their information security team with the appropriate tools and knowledge, so the team can effectively detect and respond to any potential threats.
Ikaroa is dedicated to providing the best services to protect companies from data breaches, minimizing their risk and reducing their liability. By leveraging the powerful expertise and knowledge of Ikaroa’s team, companies and especially their CISOs can feel secure knowing that their organization is headed in the right direction when it comes to data security.