CISO Report: Many companies lost sensitive data 

June 12, 2023
| No comments
CISO Report: Many companies lost sensitive data

Share post

In the latest Voice of the CISO report, Proofpoint publishes the top challenges, expectations and priorities of Chief Information Security Officers (CISOs). They say that four fifths of German companies have lost sensitive data in the last 12 months.

The results show that most CISOs have returned to the stress levels they were at when the pandemic began. 83 percent of German CISOs surveyed see themselves as a potential victim of a significant cyberattack in the next 12 months, compared to just 40 percent a year earlier.

Almost 80 percent expect the cyber attack

At that time, they still had the perception that relative calm had returned after the chaos of the pandemic. This year's data takes a step back to 2021, when 79 percent of CISOs believed a significant attack was imminent. In view of this data, it is surprising that German CISOs rate their preparedness highly: Only 49 percent feel unprepared to deal with a targeted cyber attack.

While companies have weathered much of the turbulence of the past two years, what they are suffering most from is high employee turnover. 95 percent of German CISOs confirm that former employees played a role in data loss. German CISOs, on the other hand, rate their data security measures astonishingly positively. Although 85 percent have struggled with the loss of sensitive information in the past 12 months, 50 percent believe they are adequately protecting their data.

Data loss by former employees

In these areas, CISOs see the greatest danger of a cyber attack within the next 12 months (Image: Proofpoint).

In these areas, CISOs see the greatest danger of a cyber attack within the next 12 months (Image: Proofpoint).

"Security leaders must be persistent in protecting their people and data, a task that is becoming increasingly difficult," said Ryan Kalember, Proofpoint's executive vice president of cybersecurity strategy. “Judging by the recent devastating attacks, CISOs have an even tougher road ahead, especially with security budgets being tight and work pressures increasing. CISOs need to ensure they are focusing on the right priorities to steer their organizations towards cyber resilience.”

The report highlights global trends and regional differences around three key themes: the threats and risks CISOs face every day; the impact of people on organizations' defense preparedness against cyber threats; and the countermeasures CISOs are taking, especially considering the impact of the economic downturn on security budgets. The study also assesses changes in the way security leaders and their boards work together, and how their relationship is affecting security priorities.

Some of the key findings of the Voice of the CISO Report 2023:

  • CISOs are just as concerned and feel just as unprepared as they were at the beginning of the pandemic: 83 percent of German CISOs (68 percent international) see themselves as a potential victim of a significant cyber attack in the next 12 months, compared to 40 percent (48 percent international) last year and 79 percent (64 percent international) in 2021. Considering these numbers It is surprising that only 49 percent of German CISOs (61 percent internationally) believe their company is unprepared for a targeted cyber attack, compared to 64 percent (50 percent internationally) last year and 79 percent (66 percent internationally) in 2021.
  • The loss of sensitive data increases due to employee turnover: 85 percent of those responsible for security in Germany (63 percent internationally) had to confirm a significant loss of sensitive data in the last 12 months. 95 percent (82 percent internationally) of this group believe that employees who left the company contributed to this loss. Despite these losses, 50 percent (60 percent internationally) of CISOs believe they have adequate measures in place to protect their data.
  • Supply chain security is not a priority for German CISOs: Only 50 percent of German CISOs (64 percent internationally) say they have adequate controls in place to mitigate cyber risk arising from their supply chain - significantly lower than the 60 percent last year. If German CISOs decide to focus on supply chain security again, they could face financial problems: 47 percent say that the uncertain economic situation has affected their budget.
  • CISOs and board members at odds: Only 39 percent of German CISOs (62 percent internationally) believe that they and their board of directors assess the challenges related to cybersecurity in a similar way. The relationship between management board and CISO in Germany has thus deteriorated: from 48 percent last year and 68 percent in 2021.
  • The growing pressure on CISOs is making the job increasingly unsustainable: 55 percent of German CISOs (61 percent international) feel they face unreasonable expectations, up slightly from 51 percent (49 percent international) last year. Not only the current threat situation is the cause of this situation, but also specific concerns of the CISOs: 52 percent (62 percent internationally) are concerned about their personal liability and 54 percent (60 percent internationally) state that they have suffered a burnout in the last 12 months experienced.

The report highlights global trends and regional differences around three key themes: the threats and risks CISOs face every day; the impact of people on organizations' defense preparedness against cyber threats; and the countermeasures CISOs are taking, especially considering the impact of the economic downturn on security budgets. The study also assesses changes in the way security leaders and their boards work together, and how their relationship is affecting security priorities.

Do you have a moment?

Take a few minutes for our 2023 user survey and help make B2B-CYBER-SECURITY.de better!

You only have to answer 10 questions and you have an immediate chance to win prizes from Kaspersky, ESET and Bitdefender.

Here you go directly to the survey
 

Background of the report

For this year's Voice of the CISO report, at least 2023 CISOs each in medium and large companies from various industries in 100 countries worldwide were surveyed during the first quarter of 16: USA, Canada, Great Britain, France, Germany, Italy, Spain, Sweden, the Netherlands, United Arab Emirates, Saudi Arabia, Australia, Japan, Singapore, South Korea and Brazil.

More at Proofpoint.com

 

About Proofpoint

Proofpoint, Inc. is a leading cybersecurity company. The focus for Proofpoint is the protection of employees. Because these mean the greatest capital for a company, but also the greatest risk. With an integrated suite of cloud-based cybersecurity solutions, Proofpoint helps organizations around the world stop targeted threats, protect their data, and educate enterprise IT users about the risks of cyberattacks.

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

Digital Security: Consumers trust banks the most

A digital trust survey showed that banks, healthcare and government are the most trusted by consumers. The media- ➡ Read more

Vulnerabilities in medical devices

One in four medical devices (23%) has a vulnerability from the US cyber security agency CISA's Known Exploited Vulnerabilities (KEV) catalog. In addition, there are ➡ Read more

endpoint security, Stories
, , , ,