Informed by a survey of more than 100 information security leaders from both private and public organisations around the world, the ninth annual Security Maturity Report, conducted by ClubCISO and Telstra Purple, highlights a reduction of material incidents.
With 40 data points on culture, technology, risk and people. Key findings included nearly two thirds (65%) of global CISO suggesting that they are actively seeking to recruit from diverse backgrounds, 45% of CISOs noting positive change in attitudes to security from increased remote/hybrid working, a doubling from 2021 in organisations now actively working on third-party (i.e., supply chain) management, and ‘Non-malicious insider’ (17%) reported as the most common threat vector for those who faced a material incident, ranking higher than social engineering attacks (11%) and incidents that came as a result of compromised credentials (10%).
Telstra Purple: "In a period of significant turbulence, CISOs have helped steady the ship"
Rob Robinson, Head of Telstra Purple EMEA, which powers the ClubCISO private members club said, “It is great to see the annual survey and report becoming a vital barometer of infosec maturity globally. In a period of significant turbulence, CISOs have helped steady the ship, but it is exactly for this reason that they too have a community of peers they can rely on to stress-test ideas and lean on for support.
“We’re proud to see the significant achievements of our CISO members and their organisations in the past year and look forward to continuing our support for ClubCISO as a way to help shape the future of the profession.”
In response, Stephen Khan, Chair of the ClubCISO Advisory Board, said, “As we move further away from the Pandemic, what this report makes clear is that much of the groundwork to bolster security has been done. Collectively, CISOs have made security a company-wide concern and the business case for it, not only in our respective businesses but also across our supply chains, has never been stronger.”
He went on to add: “Our findings show that CISOs are now in the driving seat with extended influence and increased budgets, and are better positioned to deal with an increasingly complex and dynamic threat landscape.”