Despite a growing need for Chief Information Security Officers (CISOs), many businesses still haven’t filled the position. Among those that have, meanwhile, there is often confusion surrounding the responsibilities attached to the role.
This is according to a new report from CDN provider Fastly, based on a survey of 250 UK companies, which states that just a quarter currently employ a CISO. However, a further 56 percent said they plan on hiring one within the next 6-24 months.
But CISO is a relatively new role, so its parameters are still unclear to many. Fastly found that almost a third (31 percent) believe the CISO should have an in-depth understanding of all areas of IT. As a result of this thinking, the CISO is often the scapegoat when issues arise; a quarter of respondents claimed CISOs are too often blamed for problems that are not their fault.
In order for this lead security role to be successful in future-proofing a business, Fastly believes organizations should make the job specifications clear. Almost a quarter (22 percent) of survey respondents believe CISOs are overworked and underpaid, while 19 percent believe they are not good enough value for money.
“Hiring a CISO is a crucial step in tackling the security threats facing organizations. However, they need to ensure this isn’t just a box-ticking exercise and that they fully embed their CISO into the organization,” said Sean Leach, Chief Product Architect at Fastly.
“These findings show that, whilst businesses are beginning to understand how growing their digital offering will increase potential threats they still need to increase the security offerings that protect those technologies, otherwise the results can be catastrophic.”