CISO anxiety returns amid heightened concern of material cyberattacks

Dive Brief:

• After a year of relative calm, more than two-thirds of CISOs across the globe are concerned about a material cyberattack impacting their organization, according to a report from Proofpoint. The report is based on a total of 1,600 CISOs across 16 different countries. 
• The 2023 Voice of the CISO report shows 68% of CISOs feel their organizations are at risk of a material cyberattack, compared with only 48% a year ago. In addition, 3 in 5 CISOs said their organizations were unprepared to cope with a targeted attack, compared with just 50% a year ago. 
• The report shows the lingering impact of the Great Resignation and the more recent wave of corporate job cuts linked to fears of an oncoming recession. About 4 in 5 CISOs surveyed said data loss events were linked to employees leaving the organization.

Dive Insight:

The report examines the post-pandemic concerns of CISOs around the globe. Companies, in many ways, have begun to readjust as workers begin to return to corporate offices or work in hybrid environments. 

CISOs had previously enjoyed a brief sense of calm, sensing they had overcome the anxiety of supply chain attacks like the SolarWinds incident or the ransomware surge highlighted by the Colonial Pipeline and Kaseya attacks. 

“That return to normal operations in a post-pandemic world is probably starting to wear off a little bit of that optimism,” said Lucia Milică Stacy, global resident CISO at Proofpoint.

For most CISOs, the job is getting hard. More than 60% of CISOs said they face unreasonable job expectations, compared with only 49% a year ago. 

The report shows that 62% are concerned about potential personal liability as more emphasis has been placed on incident response and governance. Three in 5 CISOs have experienced burnout over the past 12 months.