A new report finds that Chief Information Security Officers (CISOs) are prioritizing Zero Trust and partner risk management to mitigate critical security challenges. The report finds that APIs and cloud applications are among the greatest threats CISOs identify to their security readiness.
The CISOs Report, Perspectives, Challenges and Plans for 2022 and Beyond, is based on a survey of over 300 CISOs across a wide array of companies and industries in the U.S., Canada, and select other nations. Horizon3.ai is a co-sponsor of the report.
The IT landscape has shifted, particularly with the expansion of remote work during the pandemic, alongside cloud adoption and BYOD and more. The report found that these are the areas where CISOs most need to strengthen their overall defenses. Meanwhile, evolving technologies like APIs, cloud applications, and cloud infrastructure are identified in the report as the IT components CISOS see as most in need of security improvement.
Respondents also see a need for upgrading IT processes as well as components, with data discovery and classification, data backup and recovery (as well as remediation), and DevSecOps leading the pack.
Zero Trust: More than hype
CISOs responding to the report were nearly universal in their assessment of the concept of Zero Trust, with 96.5% saying they are either on the way or planning to initiate Zero Trust strategies within their organizations. Over half of the respondents said that implementing Zero Trust or improving existing practices is in the top three goals for the coming year.
Third-party risks and supply chain issues
The report details a long list of cyber vulnerabilities that are keeping CISOs awake at night, and third-party risks take one of the top spots, with 41% of respondents saying that over the next year, they plan to add or upgrade third-party security and risk management technology.
Not to be outdone, supply chain issues – unsurprisingly, given their high-profile challenges over the past few years – also appear top of mind for CISOs. Addressing partner or supply chain risks was named as one of the top three priorities for the next year
The complete report is available by visiting https://securitycurrent.com/thecisosreport/.
