Deloitte: Why CISOs Increasingly Have the Ear of Their CEOs
The cybersphere is in a tumultuous time: attacks are increasing, AI is augmenting it and quantum promises to smash traditional defences.
Yet, it's not all doom and gloom, Deloitte Global's latest survey has indicated that companies are enhancing the influence of their chief information security officers (CISOs), with 20% of CISOs now reporting directly to their CEOs.
The Global Future of Cyber Survey, now in its fourth edition, collected insights from nearly 1,200 cyber decision-makers across 43 countries, illustrating the evolving role of cybersecurity within the C-suite.
The notable increase in the number of CISOs reporting to CEOs rather than CIOs underscores the growing significance of cybersecurity in driving strategic business growth.
“The rise of AI and other evolving technologies has significantly transformed the threat landscape," says Emily Mossburg, Deloitte's Global Cyber Leader. "As threats become more sophisticated and impactful to core business, CISOs are increasingly required to adopt a more strategic role driving cross-business risk prioritisation and mitigation.”
Adapting to AI and cyber threats
The escalating influence of the CISO role is largely attributed to AI-driven threats that take advantage of vulnerabilities by mimicking trusted sources.
Approximately 39% of respondents reported extensive use of AI in their cybersecurity programmes, reflecting a more integrated approach to cybersecurity within organisations.
AI technologies are being leveraged to analyse large datasets, detect anomalies, and identify potential threats in real-time; this trend signifies a shift towards proactive and predictive security measures.
A director general from a government cyber and IT security agency stated: “The big shift for us is by bringing in the security discussion before, not after, building the solution. We really want to move into ‘security by design’ as opposed to what often happens - ‘security by assessment’ - which requires security to be more of a strategic part of the overall business.”
Cybersecurity's role in protecting technology investments
Cybersecurity is increasingly pivotal in protecting technology investments, particularly in cloud computing, Generative AI, and data analytics.
High-performing organisations with mature cybersecurity practices demonstrate consistent cyber planning and strategic engagement at the board level.
"The close relationship between CISOs and CEOs is a testament to the role security plays in a business’s long-term success," says Emily.
These organisations anticipate achieving their business outcomes by an average of 27% more compared to global respondents overall.
The necessity for secure systems is underscored by findings that 25% of respondents from cyber-mature businesses experienced 11 or more cybersecurity incidents in the past year—a 7% rise from 2023.
Companies are progressively acknowledging cybersecurity as vital to their technology infrastructure, strategic planning, and growth objectives.
Key outcomes from cybersecurity initiatives
The survey highlights significant outcomes from cybersecurity initiatives, including safeguarding intellectual property, enhancing threat detection and response, and boosting efficiency.
Protection of intellectual property emerged as the foremost priority and outcome of cybersecurity efforts, with 46% of respondents identifying it as a key result.
"The close relationship between CISOs and CEOs is a testament to the role security plays in a business’s long-term success."
Improved threat detection and response alongside increased efficiency were also highlighted as primary outcomes, with 44% recognising these results from their initiatives.
Additionally, the report reveals a noteworthy trend towards integrating cybersecurity budgets with other strategic financial plans.
Over half of Deloitte Global's respondents expressed intentions to merge cybersecurity spending with other budgets related to digital transformation and IT initiatives.
Moreover, 57% indicated plans to increase their cybersecurity budgets over the next 12 to 24 months.
******
Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Cyber Magazine is a BizClik brand
