The 2023 “State of the CISO” report shares feedback from hundreds of CISOs/CSOs worldwide on the impact that today’s digital-first economy is having on their roles, the work-related and personal challenges they face as a consequence, and the top security gaps and concerns they’re working to address.
The rapid pace of today’s digital-first economy has increased security risks
Two thirds of CISOs worldwide (66%) say they are deploying more digital transformation initiatives now compared to two years ago. Digital initiatives have emerged as the cornerstone of business innovation. Yet nearly 90% of CISOs/CSOs worldwide say that the rapid adoption of digital transformation has made it more difficult to ensure the safety of their critical company and customer data.
CISOs face multiple security challenges from digitalization
CISOs cite many security challenges resulting from digitalization and also most are of fairly equal importance. As a consequence, CISOs must address numerous challenges at once.
The lack of cybersecurity talent surfaces as their number one security challenge, at 40%. Because digitalization has introduced new types of cybersecurity attacks, addressing them requires different skills and knowledge, which makes the tight talent pool an even bigger obstacle.
Concerns over litigation rank highest among CISOs’ personal challenges
CISOs identify numerous personal challenges from digital transformation, from job-related stress to expanded responsibilities to bigger teams to manage and lack of time. But at the very top of the list are concerns over personal litigation stemming from breaches (48%) and increased personal risk/liability (45%).
Get the State of the CISO report 2023
Supply chain and APIs are the biggest security control gaps
In identifying the top three security control gaps from digitalization, CISOs cite supply chain/third party vendors (38%), API adoption (37%) and cloud adoption (35%). Because supply chain/third-party vendors and cloud adoption rely on APIs to run, API security gaps impact these areas as well. Moreover, with the continuing growth of APIs, this need will only increase in the future.
95% of CISOs say their organizations have made API security a priority over next two years
With their API security ecosystems rapidly expanding, CISOs have put API security at the forefront. 95% of CISOs say their organizations have made API security a planned priority over the next two years. Without the ability to protect APIs, businesses put their digital initiatives at risk and with them their ability to drive innovation, growth, and profitability.
The speed of AI adoption is the global trend most impacting the CISO role
AI has transformed the cybersecurity landscape. Not surprisingly, CISOs worry about how AI will affect their organization. CISOs know that criminals are applying AI to accelerate attacks – and that AI makes these attacks even more sophisticated and harder to detect. Subsequently, CISOs realize that they need AI-driven solutions to defend against them.