Global organizations are becoming more resilient to cyber breaches, with more than three-quarters (76%) of CISOs reporting no major breaches in the past year, according to survey of ClubCISO members .
A total of 182 members of our private member forums were surveyed to compile Telstra Purple’s tenth annual report. Information security maturity report.
The survey results reveal that the majority of these organizations have at least improved their cybersecurity resilience. Last year, 68% said they hadn’t experienced a significant breach.
Additionally, 60% of the CISOs who responded said they had not experienced a major cybersecurity incident in the past 12 months.
For more information on security as a strategic goal, see Security is Key to Business Transformation, Says IT Leaders.
One of the positive impact factors could be an improved security culture. Notoriously difficult to measure, 80% of his respondents said their organization’s security culture had improved to some extent over the past year.
Leadership endorsement (80%), proactive “report” non-shaming policy (41%), simulated phishing (38%), and customized training (37%) were cited as the top drivers was.
Advisory board member Jessica Barker acknowledged the importance of management buy-in.
“Cybersecurity has been on the corporate agenda for the last few years, and this increased collaboration between security teams and senior executives is a great catalyst for progress,” she added.
“Without tone and resources from the top, building a healthy security culture will always be difficult.”
Rob Robinson, head of Telstra Purple EMEA, argued that the findings show that CISOs have a clear positive impact on culture and people.
“The fact that leadership endorsement is also highlighted as a key factor in establishing an effective security posture also recognizes the progress CISOs have made at the highest levels of the business,” he added.
“It is now clear that strong security is a critical enterprise capability, largely due to the voice CISOs have developed at the C-suite level.”
However, despite the encouraging headlines, only 38% of CISO respondents rated their overall security posture as “above average” (versus 46% last year). Nearly 13% also say they are not confident their organization will be able to meet its key security goals, which he has not changed since 2022.
Register for Information Security Europe | 20-22 June 2023
