The survey reveals that among the biggest pain points for CISOs are 3rd party risk management and AI security, and that budget lines expected to expand are IAM, Cloud Security and Data Security
Team8 released its 2023 CISO Village Survey, aggregating insights and responses from 130 CISOs representing global prominent enterprises, including Fortune 500 companies.
“Identity and access management is a decades old challenge that requires clear prioritization and investment to address the protection of cloud, SaaS and IoT environments.”
Among the executives who reviewed and contributed to the report are David Cross, SVP, CISO SaaS Cloud Security at Oracle, Renee Guttmann, Former CISO at Campbell Soup Company, Royal Caribbean Cruises and Coca-Cola, Sounil Yu, CISO and Head of Research at JupiterOne, Iain Paterson, CISO at WELL Health Technologies Corp, Paul Branley, CISO at TSB Bank, Steve Sparkes, CISO at Scotia Bank and more.
CIO INFLUENCE News: HMY Group Doubles Cloud Application Capacity on Four Continents with GTT Managed SD-WAN
One of the core findings of the survey was that despite the macroeconomic environment, 56% of CISOs reported that their budget had increased since last year.
The CISO Village Survey provides findings and insights from the CISO Community in the following categories:
- Security Budgets
- Budget Line Expansion Expectations
- Organizational Cybersecurity Problems
- The evolution of the CISO role
- And More
Cyber Budgets Are On The Up Amidst Economic Uncertainty
Despite being in a period of economic slowdown, 56 percent of survey respondents reported an increase in their cybersecurity budget from 2022. This data aligns with the global trend that cybersecurity spending has not been significantly impacted by recent geopolitical and economic challenges as expected, as cyber threats continue accelerating.
Among the CISOs reporting budget decreases, the majority of these cuts were observed in larger companies with over 100 cybersecurity employees and budgets exceeding $10 million.
Speaking on the centrality of cybersecurity in an enterprise’s strategy in 2023, Admiral. Mike Rogers, Former Director of the NSA and Operating Partner at Team8 said, “In a world rife with economic and geopolitical challenges, cybersecurity takes center stage as enterprises recognize the critical necessity of increasing investment in robust defense measures to protect their most valuable assets.”
CIO INFLUENCE News: Rapid7 and USF Collaborate on Cyber Training Initiative With $1.5 Million Grant From Office of Naval Research and NSF
Budgets Have Increased, But Where Are They Going To Be Allocated?
Survey results revealed that Identity and Access Management (IAM) and Cloud Security are the top categories for anticipated budget expansion. With the accelerated adoption of cloud technologies and remote work trends, CISOs seek to enhance their cybersecurity posture by investing in robust IAM and cloud security solutions.
David Cross, SVP, CISO SaaS Cloud Security at Oracle added on why Cloud Security budgets are expected to increase, said that “Businesses are rapidly migrating their data and applications to the cloud to take advantage of the innovation and security benefits that are difficult to achieve in on-premise environments. They are equally seeking out cloud security best practices, technologies and solutions to assist in this transition from the traditional datacenter skills, experiences and processes.”
Speaking on the expected budget line expansions in Identity and Access Management, Renee Guttmann, former CISO at Campbell Soup Company, Royal Caribbean Cruises and Coca-Cola added that “Identity and access management is a decades old challenge that requires clear prioritization and investment to address the protection of cloud, SaaS and IoT environments.” Guttmann added that “Companies will need to embrace emerging technology including AI based identity solutions that will more effectively – and at scale – validate identity, support compliance and enable the detection and response of behavioral anomalies of its employees, third parties, and IoT systems.”
What’s Keeping CISOs Up At Night?
Surveyed CISOs expressed the need for innovation in several areas to tackle emerging cybersecurity challenges. Third-party risk management, AI security, and insider threats emerged as the most pressing problems where existing solutions fell short. The COVID-19 pandemic and the rapid adoption of remote work have created unmet needs in existing IGA tools and programs. With the rise of Generative AI, 48% of surveyed CISOs called ‘AI Security’ their biggest concern.
Regarding these emerging challenges, Adm. Mike Rogers, former Head of the NSA and Operating Partner at Team8 added “As technology evolves, it brings with it a new breed of risks that demand our constant vigilance – complacency is not an option in the face of evolving threats. We are determined to stay one step ahead of malicious actors by driving innovation in critical areas, as the need to manage third-party risks and AI security.”
CIO INFLUENCE News: Reliance and NVIDIA Partner to Advance AI in India, for India
[To share your insights with us, please write to sghosh@martechseries.com]
