Security News

TechRepublic Premium Hiring Kit: Cloud Engineer Regardless of what business or what industry you are in, the potential benefits of cloud computing and cloud computing services are self-evident. With so many businesses flooding .... TechRepublic Premium Hiring Kit: Data Architect To make their best decisions, businesses need the best actionable information.

Many CISOs are grappling with the conundrum of the purpose and value of security controls data in supporting critical business decisions, according to Panaseer. Only 36% of security leaders are totally confident in their security data and use it for all strategic decision making.

Joe Sullivan, Uber's CEO during their 2016 data breach, is appealing his conviction. Prosecutors charged Sullivan, whom Uber hired as CISO after the 2014 breach, of withholding information about the 2016 incident from the FTC even as its investigators were scrutinizing the company's data security and privacy practices.

The complexity and change experienced by organisations as they grow is one reason we are seeing similar cyber security risks to a decade ago, says Rapid7's CISO Jaya Baloo. Speaking on ethics in information security at the 2023 Australian Cyber Conference, Baloo said the Australian market has truly woken up to cyber risks in the last year due to a number of high-profile data breaches that have affected millions of Australians.

Boards should prioritize conversations around how an organization can modernize their technology infrastructure, leveraging architectures where security is built in, not bolted on, to drive better security, agility, and efficiency. How can boards balance fostering innovation and ensuring that security remains a priority throughout the organization's initiatives?

This year, 20% of CISOs did not receive a raise, double that of a year ago, while the share of CISOs with bigger retention bonuses and equity packages also declined to 12% and to 8%, respectively. "At a macro level, CISOs had a good year as significant compensation increases continued despite a challenging economic environment," stated Nick Kakolowski, Senior Research Director at IANS. "On closer inspection, we're seeing CISOs getting elevated in the business, taking on a larger scope and being exposed to increased liability. Commensurate compensation increases aren't extending into the middle and lower quartiles of the market. We expect CISOs to seek change as a result - something evidenced in 75% of respondents saying they are considering a job change in the next 12 months."

86% of CISOs believe generative AI will alleviate skills gaps and talent shortages on the security team, filling labor-intensive and time-consuming security functions and freeing up security professionals to be more strategic, according to Splunk. "The C-Suite and board of directors are increasingly relying on CISOs for guidance across a sophisticated threat landscape and changing market conditions," said Jason Lee, CISO, Splunk.

That's according to the latest results of IANS' survey of 600 US-based CISOs, which also found that most people working in the role are either earning below $400,000 or above $700,000 a year. One in five of all CISOs earn above $700,000 and half of these corporate rockstars are paid more than $1 million a year.

In this Help Net Security interview, Okey Obudulu, CISO at Skillsoft, talks about the increasing complexity of the CISO role and challenges they face. With the increasing complexity of the CISO role, what are the top three challenges you believe they face, and how can they best address these?

Over 70% of CISOs feel that the importance of information security is not recognised by senior leadership, according to BSS. The CISOs said their top four highest investment priorities in 2023 are change management, information security resilience, data security, and information security assurance and testing. Of the 150 information security decision makers surveyed, 28% of CISOs agreed that the value of their role was recognised by the board.