76% of CEOs and CISOs are losing sleep over the prospect of becoming the next headline-grabbing security breach. This is despite a high percentage (87%) believing that their security team is consistently ahead of cybersecurity threats.
This has been the finding of the C-Suite Report: The Current and Future State of Cybersecurity, conducted by global cybersecurity firm Forcepoint in partnership with Wall Street Journal Intelligence. The report features new research on global business leaders’ cybersecurity priorities as well as growing disparities in how CEOs and CISOs view the most effective cybersecurity path forward.
Cybersecurity strategies are seen by 85% of executives as a major driver for digital transformation, yet 66% recognize the increased organizational exposure to cyber threats because of digitization. Only 46% of leaders regularly review their cybersecurity strategies.
The global survey of 200 CEOs and CISOs from across industries including Healthcare, Finance and Retail, among others, uncovered prominent cybersecurity stressors and areas of disconnect for business and security leaders, including the lack of an ongoing cybersecurity strategy for less than half of all CEO respondents.
The research also identified disparities between geographic regions on data protection as well as a digital transformation dichotomy battle between increased risk and increased technology capability.
“When more than 89% of leaders believe their teams are more cyber-aware than ever, it’s not surprising to hear executives are losing sleep over their cybersecurity posture today because they know the stakes to their business are so high,” said Nicolas Fischbach, Global CTO of Forcepoint.
Disparities Between CEOs, CISOs and Global Geographies
The C-Suite Report: The Current and Future State of Cybersecurity research spotlights the disparity in how enterprises across global geographies prioritize key elements of security. Protecting customer data is a resounding priority for leaders in the US (62%) and Europe (64%), while in Asia 61% of leaders will prioritize protecting organizational IP over customer data.
Factors influencing these results may be due in part to differing regulatory approaches to data and privacy protection as well as recent legislative decisions in the U.S. and Europe, such as GDPR and CCPA.
There is also a clear divide between CEOs and CISOs in how they identify the right cybersecurity path forward for their business.
CEOs prefer to be proactive and risk-focused (58%), prioritizing maintenance of business stability above all. While more than half of CISOs (54%) embrace a more reactive, incident-driven approach to mitigating today’s dynamic cybersecurity threat landscape.
The research also found that, despite claiming vendor fatigue, enterprises use more than 50 security vendors on average with 62% reporting they want even more. However, as more enterprises begin to embrace the cost savings and benefits of converged networking and security capabilities found in the emerging Secure Access Service Edge (SASE) security architecture approach the need for dozens of security vendors will abate over time.