According to a new report by Navisite, 45 percent of companies don’t employ a Chief Information Security Officer (CISO). This information comes from the State of Cybersecurity Leadership and Readiness report based on a survey of 130 security and IT professionals in the United States. The report revealed just how many companies still lack the proper cybersecurity personnel on board.
TechTarget defines a CISO as “a senior-level executive responsible for developing and implementing an information security program” — an essential position for any company. However, Navisite’s research shows that 45 percent of companies don’t employ a CISO. Worse, 21 percent answered that they don’t have a dedicated cybersecurity staff or employee, indicating how unprepared companies are to deal with targeted security attacks.
60 percent of companies rely on positions within the company besides the CISO/security team (IT, executive leadership, and compliance) for developing a cybersecurity strategy. While non-security professionals may be able to deal with simple threats, the cybersecurity threat landscape is anything but simple. Considering 75 percent of organizations experienced an overall increase in threat volume within the past year, it’s clear that this approach isn’t working.
In the company’s press release on the survey, Navisite CISO Aaron Boissonnault stated: “The survey results support what we’re seeing across the board: organizations prioritized their security efforts during COVID, but at the same time, they’re acutely aware of how much more they need to do to effectively defend against cyber threats. The data also points to an ongoing problem in the industry: a cybersecurity skills shortage that extends to the highest levels. Companies value and want cybersecurity leadership, but it is increasingly difficult to find and retain these individuals.”
Download your copy of the State of Cybersecurity Leadership and Readiness report here.
- Cymulate: Ransomware Victims Are Increasing Security After an Attack - November 29, 2021
- What to Expect During the Third Annual Solutions Review InfoSec Insight Jam on December 6 - November 24, 2021
- 45 Percent of Companies Don’t Have a Chief Information Security Officer - November 22, 2021