Seventy percent of chief information security officers (CISOs) have said their businesses are at risk of a cyber-attack in the next year.
According to Proofpoint’s annual Voice of the CISO report, CISOs have faced a growing array of cyber-threats and challenges over the past year. The shift to remote and hybrid work has expanded the attack surface for many businesses, making cybersecurity more complex and crucial.
Employee turnover has also reached record levels, often leading to data loss as departing staff take information with them. Additionally, the accessibility of generative AI and off-the-shelf tools has put sophisticated cyber-attack capabilities within reach of virtually anyone with a modest budget.
Research published by Proofpoint today highlights that careless employees are the primary cause of data loss for companies. To gauge how CISOs are coping in this evolving landscape, Proofpoint conducted a global survey of 1600 security leaders from organizations with over 1000 employees. The findings reveal a mix of heightened concern and increased preparedness among these professionals.
Despite rising worries about cyber-threats, with 70% of CISOs believing their businesses are at risk of an attack in the next year, many feel better equipped to handle such incidents. Only 43% feel unprepared for a targeted attack, a significant decrease from previous years. This indicates a growing confidence among CISOs in their companies’ defensive measures, even as they brace for imminent threats.
Human error remains a critical concern, with 74% of CISOs identifying it as their most significant cyber vulnerability. This is up from 60% in 2023 and 56% in 2022.
Furthermore, 80% anticipate that human risk and employee negligence will be major cybersecurity issues in the next two years. Yet 86% of CISOs believe their staff understand their role in defending against cyber-threats, which suggests a disconnect between employees’ awareness of cyber-threats and their effectiveness in mitigating them.
Over half of the surveyed CISOs also reported experiencing or witnessing burnout in the past year, and 66% feel the expectations placed on them are excessive.