Security Execs: Under Pressure and Under Prepared

A survey of corporate security executives say they're not prepared to prevent inadvertent loss of data or social engineering attacks. And most say their job is more difficult than it was last year.


You Can't Detect What You Can't See: Illuminating the Entire Kill Chain

On-Demand Webinar

A new survey of corporate security executives shows that their jobs are more difficult to handle than just a year ago, and they're not prepared to handle some significant security issues.

Nearly 100 percent of CSOs say they are well prepared to handle spam, malware, denial-of-service attacks, and hacker attacks, according to a survey by CSO Interchange at a conference held last week in Chicago for chief security officers. However, the same survey also shows that 88 percent say their organizations are least prepared to handle inadvertent loss of data, social engineering and inappropriate use.

On top of that, another 75 percent report that their jobs have become more difficult or substantially more difficult than they were last year.

''The role of the CSO continues to become more complex,'' says Philippe Courtot, co-founder of CSO Interchange and CEO of Qualys. ''CSOs now have responsibility for internal and external threats, compliance with regulatory mandates, and attention to bottom line business performance... ''Through the open environment provided at CSO Interchange, we have learned CSOs are still looking for support for policies, procedures and technologies to lockdown their networks and secure data.''

The survey also shows:

  • Sixty-four percent of CSOs surveyed are more concerned about compliance this year than they were last year, and 38 percent report their budget for compliance solutions grew during the past year;
  • Seventy-four percent say their organization must comply with more than five laws and regulations;
  • Sixty-eight percent say their security budget is less than 10 percent of their total IT budget;
  • Eighty-three percent outsource less than 10 percent of their security, and 40 percent do not outsource security processes at all, and
  • Seventy percent say they do not receive sufficient early warning for cyberattacks.

  • 0 Comments (click to add your comment)
    Comment and Contribute


    (Maximum characters: 1200). You have characters left.



    IT Management Daily
    Don't miss an article. Subscribe to our newsletter below.

    By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.