Cybersecurity specialists claim lower odds for significant cyber assaults

In a recent survey commissioned by Proofpoint and conducted by Censuswide, concerns about cyberattacks among Chief Information Security Officers (CISOs) have decreased significantly. According to the survey, less than half of the 1,400 global CISOs surveyed anticipate a substantial cyberattack this year, marking a significant shift from the 64% that held that concern last year.

Lucia Milică, global resident CISO at Proofpoint, stated that CISOs have adapted to a higher threshold of cyberattacks than they were accustomed to prior to the pandemic. However, CISOs continue to face a troubling skills gap, challenges with talent acquisition and retention, alert fatigue, and burnout.

The rise of systemic risk following widespread enterprise digitization efforts highlights the need for boards to prioritize resources and better reflect the critical role cybersecurity plays throughout a company's operations. However, the survey also revealed that half of the CISOs surveyed feel that their organization remains unprepared to handle a cyberattack.

The proposed rules by the Securities and Exchange Commission (SEC) for cybersecurity disclosure, similar in nature to what the Sarbanes-Oxley Act of 2002 did for financial record keeping and reporting, could lead to better strategies and more budget allocated to cybersecurity. Lucia Milică supports these proposed rules, expressing concern about completely exhausting existing resources due to these challenges.

The proposed rules would require more expertise at the board level and regular filings on management, governance, and strategy. However, boards generally do not fully understand the complexities in modern digital systems. The lack of support from corporate boards increased during the last year, according to Proofpoint, despite major and persistent ransomware attacks elevating C-suite awareness of risk.

Fewer CISOs are aligning with the board on cybersecurity matters, according to Proofpoint. Additionally, CISOs perceive less risk of a material cyberattack, but concerns about the mental health impacts of these challenges persist. CISOs generally feel more level-footed and in command of their IT infrastructure now that they've had the opportunity to reflect and make permanent changes after two years of heightened uncertainty.

Despite the progress made, the search results do not provide information about which company conducted the cybersecurity survey involving 1,400 global CISOs. The need for boards to prioritize resources and better understand the complexities of modern digital systems remains a pressing issue in the cybersecurity landscape.