More CISOs now report directly to the CEO

(Image credit: Image Credit: NakoPhotography / Shutterstock)

Businesses around the world are finally appearing to take their cybersecurity strategy to the highest level, with CEOs now often involved in the big calls.

A study by Wipro found one in five CISOs now report directly to the CEO, highlighting the importance that security-focused roles are playing as companies look to keep their data protected.

The research, which quizzed over 200 organisations worldwide, found that 15 percent of businesses have more than 10 percent of their overall IT budgets dedicated to security.

While the number of significant publicly reported breaches decreased by 25 percent, the number of records exposed during attacks increased by 164 percent - equivalent to 232 records exposed per second. 

Wipro also found that attackers also targeted more specific information perceived to have higher monetary value: 38 percent of the data records breached/targeted were a combination of personally identifiable information and security credentials such as passwords.

Looking to the future, with cloud and IoT adoption on the rise, 28 percent of organisations saw cloud account hijacking as one of the top security threats to their cloud environments, and 26 percent of organizations are prioritising security assessment of IOT devices to mitigate new risks.

Just over a third (39 percent) of organisations now have a dedicated cyber insurance policy, up from 12 percent in 2017, and in response to the growing GDPR scrutiny, 65 percent of organisations say they are tracking and reporting regulatory compliance, and 25 percent of organisations are carrying out security assessments in every build cycle. 

“With organisations riding the digital wave, security strategies need to be enhanced to address the changing landscape and enable a smooth and safe transition," said Raja Ukil, Wipro's Global Head for Cybersecurity & Risk Services. 

"Security is also evolving to be a pervasive part of core business operations, and countries are establishing active cyber defence strategies and functions to foster partnerships with the private sector enterprises and with other countries. Amidst growing threats, leaders are collaborating more than ever before in new and innovative ways to mitigate the risks.”