To reduce vulnerabilities in this area, 87% of CISOs are turning to AI-powered technology to protect against human error and block advanced human-centric cyber threats.
Sunnyvale, California, May 21, 2024–(BUSINESS WIRE)–Proofpoint, a leading cybersecurity and compliance company, today announced the key challenges, expectations, and priorities of chief information security officers (CISOs) around the world. We have published our annual CISO report.
Our 2024 report highlights notable trends. While concerns about cyber-attacks continue to grow, CISOs are expressing increased confidence in their ability to defend against these threats, reflecting major changes in the cybersecurity landscape. More than two-thirds (70%) of CISOs surveyed feel they are at risk of a significant cyberattack in the next 12 months. This compares to 68% last year and 48% in 2022. Her CISOs today are clearly on high alert, but there is a growing sense of trust among CISOs. Only 43% of people feel unprepared to deal with targeted cyberattacks, a notable decrease from 61% last year and 50% in 2022.
Human error continues to be recognized as the Achilles heel of cybersecurity, with nearly three-quarters (74%) of CISOs identifying human error as their most critical vulnerability. With insider threats and human-caused data loss on the rise over the past year, more CISOs than ever before (80%) say human risk, particularly employee negligence, will be a key focus for cybersecurity over the next two years. I think this is a matter of great concern. However, there is growing optimism about the role of AI-powered solutions in mitigating human-centric risks, reflecting a strategic shift towards technology-driven defense.
The 2024 Voice of the CISO report examines global third-party survey responses from 1,600 CISOs from organizations with 1,000 or more employees across a variety of industries. Interviewed 100 CISOs across 16 markets throughout Q1 2024: US, Canada, UK, France, Germany, Italy, Spain, Sweden, Netherlands, UAE, Saudi Arabia, Australia, Japan, Singapore, and South was carried out. South Korea and Brazil.
The report provides a critical perspective on the state of cybersecurity from those on the front lines of protecting people and defending data. The report also highlights the importance of maintaining a robust cybersecurity posture in the face of economic pressures, and the critical role of the human factor in an organization's cyber response. The survey also measures the shift in alignment between security leaders and the board of directors, exploring how their relationship impacts security priorities.
“As the cybersecurity landscape continues to evolve with increasing human-centric threats, the 2024 Voice of the CISO report highlights pivotal changes that will improve the resilience, preparedness, and confidence of CISOs worldwide. It highlights what we think is the case,” said Patrick Joyce, Global CISO-in-Residence. evidence. “This year's findings highlight a collective move toward strategic defense, including increased education, technology adoption, and adaptive approaches to emerging threats such as generative AI.”
Here are the key global findings from Proofpoint's 2024 Voice of the CISO report:
-
While human error remains the top threat for cyber vulnerabilities, CISOs are turning to AI solutions for help. This year, a growing number of CISOs believe human error is their organization's biggest cyber vulnerability. In 2023, it was 60%, compared to 74% in this year's survey. However, 86% of CISOs believe that employees are their organization's biggest cyber vulnerability. To protect the organization. This confidence is higher than in previous years, at 61% in 2023 and 60% in 2022. This can be attributed to the fact that 87% of CISOs surveyed are considering implementing AI-powered capabilities to protect against human error and advanced human-centric cyber threats. .
-
More CISOs fear cyberattacks, but fewer feel unprepared, indicating increased confidence in security measures. In 2024, 70% of CISOs surveyed feel at risk of experiencing a significant cyberattack in the next 12 months, compared to 68% in 2023 and 48% in 2022. . However, only 43% feel their organizations are unprepared to deal with targeted cyberattacks. The percentage of cyber attacks reached 61% in 2023 and 50% in 2022.
-
Generative AI is a top security concern for CISOs. In 2024, 54% of CISOs surveyed believe generative AI will pose a security risk to their organization. The top three systems that CISOs believe pose a risk to their organization are ChatGPT/other genAI (44%), Slack/Teams/Zoom/other collaboration tools (39%), and Microsoft 365 (38%) is.
-
Employee turnover remains a concern, but CISOs have confidence in their company's defenses. In 2024, 46% of security leaders will report that they had to deal with a significant loss of sensitive data in the past 12 months, and of those, 73% agreed that employee departures contributed to the loss. Despite these losses, 81% of CISOs believe they have the controls in place to protect data.
-
The majority of CISOs are adopting DLP technology and investing more in security education. In 2024, 51% of CISOs surveyed had data loss prevention technology (DLP) in place, compared to just 35% in 2023. More than half (53%) of CISOs surveyed are investing in educating their employees on data security best practices, and this will increase by 2024. Until 2023 (39%).
-
Ransomware and malware are a top concern for CISOs. The top cybersecurity threats perceived by CISOs in 2024 are ransomware attacks (41%), malware (38%), and email fraud (36%). These top threats are different from last year. Business Email Compromise (BEC) has dropped from number one, ransomware has moved up to number one, and malware has moved up to number two.
-
Firm stance on ransom payments while increasing reliance on cyber insurance. In 2024, CISOs' views on ransom payments remain unchanged. 62% of CISOs believe their organization will pay to restore systems and prevent data loss if they suffer a ransomware attack in the next 12 months. 79% of CISOs said they would rely on cyber insurance claims to recover from potential losses, compared to 61% in 2023.
-
The relationship between the board and the CISO has improved significantly. In 2024, 84% of CISOs agree that board members are on the same page on cybersecurity issues. This is a significant increase from 62% in 2023 and 51% in 2022.
-
The pressure from CISOs is relentless. In 2024, 53% of CISOs will admit to burnout, up from 60% last year. Additionally, 66% feel they face too much expectations, a steady increase from 61% last year and 49% in 2022. The sustainability of ongoing expectations for CISOs continues to be tested, with 66% concerned about personal liability (up from 62% in 2023) and 72% offering directors and officers (D&O) insurance. (61% in 2023) say they would not join an organization that does not. Furthermore, 59% of CISOs agree that the current economic downturn is hampering their ability to make business-critical investments, and 48% have been asked to cut staff, defer hiring, or reduce security budgets. I am.
“It's encouraging to see CISOs gaining confidence in their strategies and tools as they navigate the complexity of today's cyber threat environment,” said Ryan Kalember, Chief Strategy Officer at Proofpoint. I am commenting. “However, ongoing challenges such as employee turnover, pressure on resources, and the need for continued board involvement are a reminder that vigilance and adaptation are key to our collective cyber resilience. Masu.”
To download the 2024 CISO report, visit https://www.proofpoint.com/us/resources/white-papers/voice-of-the-ciso-report.
About Proofpoint, Inc.
Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations' greatest assets and greatest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps businesses around the world thwart targeted threats, protect data, and make users more resilient to cyberattacks. Leading organizations of all sizes, including 85% of Fortune 100 companies, rely on Proofpoint for human-centric security and compliance solutions that reduce their most critical risks across email, cloud, social media, and the web. For more information, please visit www.proofpoint.com.
Connect to Proofpoint. X | LinkedIn | Facebook | YouTube
Proofpoint is a registered trademark or trade name of Proofpoint, Inc. in the United States and other countries. All other trademarks contained herein are the property of their respective owners.
View source version on businesswire.com. https://www.businesswire.com/news/home/20240521590747/ja/
contact address
ProofPoint Media Contact:
Estelle Delue
Proof Point Co., Ltd.
pr@proofpoint.com
