Listen up, folks! Chief information security officers (or CISOs) are losing sleep over human errors when it comes to protecting data. According to Proofpoint’s “Cybersecurity: The 2023 Board Perspective” report, a whopping 78 percent of CISOs see human error as the biggest risk. But here’s the kicker – only 56 percent of UK board directors feel the same way. Can you believe that?
Now, here’s where it gets interesting. While 73 percent of CISOs are confident in their organization’s ability to protect data, only 56 percent of directors share that same confidence. Talk about a disconnect!
But wait, there’s more! According to the report, UK board members are actually feeling more confident year over year. In 2022, 76 percent of them believed their organizations were at risk of a cyber-attack. Fast forward to 2023, and that number drops to 44 percent. However, global board members are still pretty jittery, with 73 percent of them feeling at risk of a cyber-attack. It’s a wild world out there, ladies and gentlemen.
Here’s where things get really interesting. While UK CISOs are losing sleep over the potential liability they face in the event of a cybersecurity incident (a whopping 79 percent of them), board members are a bit more chill about it. Only 54 percent of directors express similar concern. It’s a case of “better safe than sorry” for the CISOs, it seems.
Now, let’s talk about the biggest risks. Board members are worried about malware, cloud account compromise, and ransomware. On the other hand, CISOs have their eyes on email fraud, insider threats, and phishing. Interestingly enough, both parties are concerned about cloud account compromise. Looks like they’re not so far apart after all.
And let’s not forget about the specter of AI. A whopping 41 percent of directors view emerging technology like ChatGPT as a security risk. It’s no wonder it’s keeping them up at night.
The researchers surveyed 659 board members from various countries, including the US, Canada, UK, France, Germany, Italy, Spain, Australia, Singapore, Japan, Brazil, and Mexico. While globally CISOs and board members seem to be on the same page, the UK still has some catching up to do.
Ryan Kalember, the executive vice president of cybersecurity strategy at Proofpoint, hit the nail on the head when he said, “Improving board-CISO relationships, especially in the UK, is crucial moving forward. Directors and security leaders need to be on the same page to tackle the challenges ahead.”
And they’re not wrong. According to Andrew Rose, Resident CISO, EMEA at Proofpoint, UK board members should remember that the risk of cyber-attacks is still very real and the threats will continue to evolve. He stressed the importance of board-CISO partnerships and urged boards to invest heavily in preparedness and organizational resilience. Solid advice if you ask me.