CISOs in Singapore get more help from the board only post-attack

All chief information security officers (CISOs) in Singapore receive more support from the board only after an attack, even though 53% of organisations fall victim to repeat attacks, Trellix found.

Trellix tapped Vanson Bourne to conduct a survey of more than 500 global CISOs from companies with at least 1,000 employees in the United States, Mexico, Brazil, the United Kingdom, France, Germany, Australia, India, Singapore, the United Arab Emirates, South Africa, Japan, and South Korea. 

Respondents belong to firms in energy and utilities, healthcare, the public sector, manufacturing and production, and financial services. Every respondent experienced at least one cyber incident in the last five years.

“Raising the urgency and cyber literacy of their own board is one of the CISO’s greatest challenges,” said Bryan Palma, CEO of Trellix. 

“The research suggests many boards’ willingness to support cybersecurity only happens after an attack,” said Palma. “Clearly, it should be the other way around.”

According to Jonathan Tan, Trellix managing director for Asia, the hidden consequences for an organisation post-attack, which include not just a loss of money but reputation, can be avoided.

“Investing in the right technology that constantly evolves is therefore critical to help protect against sophisticated cyber threats, which will only increase with time,” said Tan.

The research revealed that CISOs remain reactive until boards become proactive. After an attack, 43% receive an increased budget for additional technology, 40% revise their overall security strategy, 27% implement new frameworks and standards, and 20% create new jobs and responsibilities.

CISOs face attacks from all angles. Data theft attacks (47%), DDoS attacks (47%), and credential stealing (40%) are most commonplace.

XDR is a viable threat prevention solution as 87% of respondents agree improvement is needed across people, processes, and technology after experiencing a major cyber incident. 

Further, all respondents believe that if their organisation had implemented XDR, the major cybersecurity event they experienced would have been prevented.

A UK-based respondent said that XDR can actually aggregate and correlate data from multiple sources and, therefore, reduce false positives. 

“We see less alert fatigue in the security teams, and XDR allows us to be proactive rather than defensive and post facto, another big difference,” they said.

Also, hidden consequences of cyber incidents impact organisations. Revenue loss (47%), a consequence with clear costs, was reported as having the biggest impact. 

Respondents also reported significant negative impacts from business downtime (40%), stress to their SecOps teams (33%), and declining reputation (23%).

“Experiencing a cyber incident reinforced the concept that we need to be ever-vigilant, and no matter how secure we think we’ve gotten things, no matter how many tools we have in place, it’s a constant battle,” a US-based CISO said.