Just how confident are CISOs and CROs today? How engaged are their boards of directors? And can they rely on their fellow C-suite and business unit executives to embed cyber risk and security considerations in their plans and projects? Learn these answers and other findings in this brief preview of the study data.
ESTIMATED READING TIME: 5 minutes
Not “if” but “when”
For years, chief information security officers (CISOs) and chief risk officers (CROs) have invested heavily in risk assessment and security tools to anticipate and protect their organizations from the rising tide of cyber threats. And advanced technologies are key. But just as important? Engaged and strategically aligned leadership, secure platforms, and the right skills for all that advanced technology are key. If an organization is to fight off the most critical developing threats and recover quickly from attacks when — not if — they occur, they need everyone aware, on board, and working together.
The TCS Risk & Cybersecurity Study explores these and other issues:
- What threats and challenges are CISOs and CROs most focused on?
- What are the top priorities for cyber defense and business resiliency?
- How confident are CISOs and CROs in their cybersecurity capabilities?
- How engaged are organizations’ board of directors and C-suite levels in preparing for and protecting the enterprise from attacks and incursions by malicious actors?
- What impact does pervasive migration to cloud platforms have on companies’ security posture?
What the study found: The good news
Most CISOs and CROs feel at least somewhat confident they can avoid serious financial or reputational fallout from a major cyber incident. Nevertheless, a sizable number of cyber risk and security executives feel worried or even overwhelmed about their ability to meet current and emerging threats. Some organizational best practices emerge that point the way toward cyber confidence.
Essential takeaway: Growing awareness
Companies where the board of directors and C-suite are proactive about its cyber strategy are more likely to see better-than-average revenue and profit growth and fewer problems recruiting and retaining advanced cyber skills.
Essential takeaway: Cloud confidence
Financially successful companies are also more likely to regard cloud-based tools and platforms as more secure than on-premises data centers.
Essential takeaway: Potential problem
While companies rightly see much promise for future revenues and productivity by participating in emerging digital ecosystems, most companies are too complacent about the risks and threats inherent in such exchanges of data.
Essential takeaway: Top challenges
Recruiting and retaining top talent with the relevant skill sets to manage, engineer and support cybersecurity technology is the number one challenge for cyber professionals today.
About the study
TCS conducted this study of more than 600 CISOs and chief risk officers CROs early in 2022 amid an unprecedented upsurge in increasingly sophisticated cyberattacks from criminals, sovereign states, and other bad actors exploiting global socio-political and economic tensions. The survey respondents were drawn from North American, European, and UK-headquartered companies in four industries facing an unprecedented onslaught of cyber threats and increased risks, whether to business data, customer data, their operations, trade secrets, or their supply chains: banking and financial services, manufacturing, utilities, and media and information services.
Infographic: Cyber confidence
Infographic: Recruiting & retention
A majority of CISOs say they’re not equipped to ward off the most sophisticated cyber attacks. Yet it’s the companies that don’t yet trust the security of cloud platforms where cyber executives are the most overwhelmed by internal risks and external threats. Learn more in this sneak peak of the study data.