back to article 70% of CISOs worry their org is at risk of a material cyber attack

Chief information security officers around the globe "are nervously looking over the horizon," according to a survey of 1,600 CISOs that found more than two thirds (70 percent) worry their organization is at risk of a material cyber attack over the next 12 months.  This is compared to 68 percent the year prior, and 48 percent …

  1. Version 1.0 Silver badge

    This is normal

    Two thirds worry but one third are not worrying so that's how hacking moves ahead in today's world. These numbers don't make it happen, that's just the odds these days, unfortunately even if everyone is worried it doesn't prevent hacking from happening most of the time.

  2. Andy Non Silver badge

    "personal, financial and legal liability in their role"

    That adds a frightening prospect to working in this field. Not only could you be fired if the scumbags gain access to the systems, you could also be facing fines and legal action by the authorities, maybe even prison time? Sounds like you need personal liability insurance as you would if you are surgeon etc. Wonder if it would even pay out though if the state imposed fines/punishment for perceived negligence? No wonder there is a high burnout in the field. Surprising anyone would want the job.

    1. Claptrap314 Silver badge

      Re: "personal, financial and legal liability in their role"

      The way out of this is to document, document, document. Especially when you are being overruled. They may still make you walk the plank, but the feds will take one look at those emails, and know what was up.

  3. excperr

    Its a similar huge liability in Digital Forensics around CSAM. Don't handle that poison correctly and you will be charged with possession and with the current laws as they stand convicted.

  4. vtcodger Silver badge

    And the other 30%

    70% of CISOs worry their org is at risk of a material cyber attack

    The other 30% reckon they can be in Brazil along with a large chunk of the company pension plan assets in roughly 16 hours from the start of the cyber attack. There's more than one approach to dealing with this problem.

  5. Plest Silver badge
    Thumb Up

    Good! About time they did something worthwhile!

    CISO used to be the most useless c-suite position going, they'd hand it to company auditors who weren't good enough for other board positions. Well the day of reckoning is here with the infosec becoming ever more important with each passing day, time to start earning that money!

  6. Bebu Silver badge

    And the 30% who don't?

    I cannot imagine any organisation that actually requires a CISO is anything like immune from these cyber hazards.

    Either in Lala land or work remotely from Brazil.

    The best of organisations still have pretty piss poor security possibly excluding intelligence and the military and even then I would not bet on those either.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like