In a recent IBM research study it was found that over 80 percent of security leaders feel that the challenges from external threats such as cyber-attacks are on the rise. 60 percent feel that their organizations are not up to the challenge.
This is IBM’s third annual Chief Information Security Officer (CISO) study and was conducted by the IBM Center for Applied Insights, in collaboration with IBM Security. They conducted in-depth interviews with around 140 organizations, specifically the senior-most IT and line-of-business executives responsible. 63 percent of these were Chief Information Security Officer’s, the rest included, CIOs, VPs of IT Security and Security Directors. The organizations spanned a broad range of industries across five different countries.
The report reads, “The 2014 edition of the CISO Assessment evaluates the current state of security leadership and what leaders expect to face in the next three to five years. Security leaders are in the midst of an evolution. Driven by the specter of external attacks and the needs of their own organizations, they are continuing the shift toward a business leadership role that focuses on risk management and taking a more integrated and systemic approach.”
The findings show that security is finally being taken more seriously than before. Over 70 percent said real-time security intelligence is increasingly important to their organization. Sophisticated external threats were identified by 40 percent of security leaders as their top challenge. This far outstripped the next challenge which was identified as being regulations, which was rated by just under 15 percent. Consequently, enterprises are making shifts when identifying their business priorities. Protections against external threats will have increase attention over the next three to five years, it is said to be as much as regulations, new technologies, and internal threats combined.
Brendan Hannigan, the general manager at IBM Security said, “CISOs are finally getting a seat in the Boardroom. Security leaders must now use this growing influence to deliver better results: prioritising the protection of critical assets, focusing investments on intelligence and recruiting top industry talent to augment internal efforts.”
Additionally, the study showed a cloud positive shift whereby 90 percent of interviewees had adopted, or plan to adopt, the cloud. Furthermore, 75 percent expect to see their cloud security budgets increase dramatically over the next three to five years.