New Coalfire Report Reveals CISOs Rising InfluenceJanuary 19, 2023
In partnership with the world-class Dark Reading research team, global cybersecurity pioneer Coalfire unveiled its second annual State of CISO Influence report, which explores the expanding influence of Chief Information Security Officers (CISOs) and other security leaders.
The report revealed that the CISO role is maturing quickly, and the position is experiencing more equity in the boardroom. In the last year alone, there was a 10-point uptick in CISOs doing monthly reporting to the board. These positive outcomes likely stem from the increasingly metrics-driven reporting CISOs provide, where data is more effectively leveraged to connect security outcomes to business objectives.
An especially promising development in this year’s report is how security teams are being looped into corporate projects. Of the security leaders surveyed, 78% say they are consulted early in project development when business objectives are first identified, and two-thirds are now making presentations to the highest levels of enterprise authority. 56% of CISOs present security metrics to their CEOs, up from 43% in 2021.
Cloud migration was universally identified as one of those top business objectives. The move to the cloud saddles CISOs with many challenges. The top priorities listed by CISOs include dealing with an expanding attack surface, staffing, and new compliance requirements – all within constrained budgets. In fact, 43% of security leaders said their budgets remained static or were reduced following business migration to the cloud.
Given these challenges, leading CISOs are transforming their approaches. To address multiple cloud compliance requirements, security leaders are focusing on the most onerous set of rules and creating separate environments for different requirements. Risk assessments were identified as the key tool used to secure funding for these and other cyber initiatives and to set top priorities.
“Costs and risks are up, while at the same time, cyber budgets are trending flat or down,” said Coalfire CEO Tom McAndrew. “Cybersecurity has historically been lower in priority for organizations, but we are witnessing a big shift in enterprise cyber expectations. CISOs are rising to meet those expectations, speaking to the business, and as a result, solidifying their role in the C-suite.”
The report provides seasoned and aspiring security leaders with the most effective strategies to increase C-level influence, build brand trust, and implement cloud migration best practices. Respondents comprised 137 C-level security and IT professionals in North America across major industry sectors.
To see the full findings, visit: State of CISO Influence report