Security News

As business begins its return to normalcy, CISOs at small and medium-size enterprises were asked to share their cybersecurity challenges and priorities, and their responses were compared the results with those of a similar survey from 2021. Especially in small security teams where additional headcount is not the answer, CISOs are turning to outsourced services to fill the void.

The only threat more persistent to organizations than cyber criminals? The cyber security skills crisis. Survey Results: Top Threat Protection Product Pain Points Overlapping capabilities of disparate technologies: 44%. Being able to see the full picture of an attack: 42%. Deployment and maintenance of disparate technologies on one machine: 41%. Lack of forensic information: 40%. Missing reporting capabilities: 25%. Many of the issues smaller teams face with threat protection products are largely attributable to the fact that they're designed for larger organizations with bigger teams and budgets.

Since most companies this size don't have in-house CISO expertise - the demand for virtual CISO services is also growing. Cynomi enables managed service providers and consulting firms to provide ongoing vCISO services at scale by automating much of the manual, expert and time-consuming vCISO work, empowering their existing teams.

The company's AI-powered vCISO platform automatically generates everything vCISO service providers need to provide their clients, fully customized for each and every client: risk and compliance assessments, gap analysis, tailored security policies, strategic remediation plans with prioritized tasks, tools for ongoing task management, progress tracking and customer-facing reports. Cynomi enables managed service providers and consulting firms to provide ongoing vCISO services at scale by automating much of the manual, expert and time-consuming vCISO work, empowering their existing teams.

At a time when enterprises are increasingly banking on digital ecosystems for their growth strategies, TCS' survey shows that only 16% of chief risk officers and chief information security officers ranked digital ecosystems as a concern when assessing expected cyber targets, and only 14% listed the risks from such ecosystems as the top priority arising out of board-level discussions. "Companies across the globe are increasingly turning to digital ecosystems of partners, vendors, and even competitors to reimagine and grow their business. Ignoring the threats originating from these ecosystems represents a blind spot which needs to be addressed urgently," said Santha Subramoni, Global Head, Cybersecurity, TCS. "One way of reducing the probability of an attack within digital supply chains is to implement a 'zero trust' policy-a framework based on the principle of 'never trust, always verify,' applied not only to humans but also machines."

New survey reveals lack of staff, skills, and resources driving smaller teams to outsource security. As business begins its return to normalcy, CISOs at small and medium-size enterprises were asked to share their cybersecurity challenges and priorities, and their responses were compared the results with those of a similar survey from 2021.

I recently had the opportunity to meet and speak with several luminaries of the global security ecosystem: Roger Hale - Chief Security Officer; BigID, Sounil Yu - CISO and Head of Research at JupiterOne; Debbie Taylor Moore - VP and Senior Partner Global Cybersecurity at IBM Consulting; and Jay Leek, Managing Partner and Co-founder of SYN Ventures. As the aftershocks of 2021 begin to clear, I was interested in getting CISOs' take on ensuing challenges and upcoming hurdles that require the attention of all security and business stakeholders.

While six percent of all professionals claim to be "Highly stressed" due to their work, among CISOs, ITOs, CTOs and global IT strategy directors, the number climbs to 33 percent. 43 percent said the root cause of their stress is the expectation to always be on call, and 40 percent cite both inadequate existing security stack and insufficient SecOps staff.

Why small businesses may want to pursue virtual CISO. While a Chief Information Security Officer can be invaluable to a company with regards to safety and cybersecurity, some smaller enterprises may want to look into a Virtual CISO to assist with cutting down on expenses. A virtual CISO is that of an independent or contracted employee, who fills the role of a CISO but is not employed full time.

Proofpoint released its annual Voice of the CISO report, which explores key challenges facing chief information security officers. While the world's CISOs spent 2021 coming to terms with new ways of working, many now feel much more in control of their environment: 48% feel that their organization is at risk of suffering a material cyber attack in the next 12 months, down from 64% last year.