As SEC Cybersecurity Disclosure Rule hits one-year mark, 52%
report they are not knowledgeable enough about how to report to the
government in the case of a cyber attack
NEW YORK, July 25, 2024 /PRNewswire/ -- Onyxia
Cyber, the industry-leading provider of AI-driven Cybersecurity
Management solutions, today unveiled its Regulations, Reporting
and Risk Management: The Voice of the CISO 2024 report. Based
on responses from over 200 CISOs across a wide range of industries
in the United States, the report
provides a deep dive into the mindset of today's CISO, and how
compliance risk, AI opportunities, and business decision-making are
impacting the position.
The job of a CISO has changed dramatically over the past few
years. What used to be a technically minded cybersecurity role has
evolved to include a greater emphasis on security strategy and
quantifying and mitigating business risk. With compliance
regulations adjusting to meet an evolving risk landscape, and the
cost of a breach growing year on year, executives realize the
importance of saving a cybersecurity seat at the table.
With new stringent regulations, including the SEC's
cybersecurity disclosure rules in the USA and the Digital Operational Resilience Act
(DORA) in the EU, a significant challenge is emerging for many
organizations. A startling 67% of CISOs report feeling unprepared
for these new compliance regulations, while 52% admit to lacking
sufficient knowledge on how to report cyber attacks to the
government.
"As cyber threats escalate and regulations impose heavy
penalties for non-compliance, it's imperative for CISOs to reassess
and strengthen their security programs in a data-driven way. Our
survey reveals critical industry benchmarks, highlighting areas of
strength and significant gaps that need urgent attention," said
Sivan Tehila, CEO and Founder of Onyxia. "CISOs must enhance their
preparedness, improve security hygiene, and embrace new
technologies like AI to better maximize their existing security
tools and protect their organizations."
Additional Key Findings:
- Incident Response Plans: Over half (56%) of the surveyed
CISOs admit discomfort with their current incident response
strategies, indicating a significant need for improvement in
handling cyber incidents effectively.
- Board Communication: 67% report having difficulties in
effectively persuading the C-suite of their security strategies and
securing buy-in for their initiatives. Interestingly, only 19% of
those who have been a CISO for 5+ years find it very easy to share
their strategy with the executive board, while 40% of less
experienced CISOs say the same.
- Security Hygiene: Basic security measures, such as
multi-factor authentication (MFA) and strong passwords, are not
universally implemented. CISOs consider an average of 11% of user
accounts with weak passwords and 13% without MFA as acceptable,
highlighting areas for improvement.
- AI Integration: 84% of CISOs currently measure the
effectiveness and performance of their security programs with
either spreadsheets, analysts, or a combination of the two
approaches. Despite a reliance on manual methods, CISOs see
potential in AI. Ninety-seven percent (97%) believe AI can enhance
risk management, with 54% believing AI capabilities could help them
in identifying gaps and redundancies in security stack coverage and
42% anticipating AI's role in automating business-level risk
reporting.
"Our industry is going through an evolution phase," said
Chris Roberts, Onyxia Cyber CISO
Advisor. "This time the maturation of our industry is at a point
where business drivers, leadership conversations, legal,
compliance, regulatory, and accountability conversations dominate
over most other concerns. This report paints an honest picture of
where we're at, what we've done, and what we have left to do."
For more information, please download the full report.
About Onyxia Cyber
Onyxia Cyber empowers Chief
Information Security Officers and security leaders with powerful
predictive insights and actionable data intelligence to
continuously strengthen their security programs and proactively
reduce risk exposure. Founded in 2022 by a former CISO, Onyxia
delivers a Cybersecurity Management Platform that proudly serves
leading enterprises across various industries and sectors. With
Onyxia, CISOs can ensure organizational compliance, improve risk
management, and align their security initiatives with business
goals. Learn more at www.onyxia.io
Media Contact:
Angelique Faul
Silver Jacket Communications
513.633.0897
380839@email4pr.com
SOURCE Onyxia Cyber