You are on page 1of 1

Evolving Role of the CSO

SECURITY INCIDENTS CONTINUE TO PLAGUE ORGANIZATIONS
Organizations have seen security
incidents increase at a

Large organizations (revenue more than
$1 billion) have seen the biggest rise in
security incidents from 9,155 in 2013 to

66%

Large organizations
also saw a

53%

13,138

compound annual
growth rate since 2004.

jump in financial
damages from 2013 to 2014.

in 2014.

AS SECURITY LANDSCAPE CHANGES, STRATEGIES REEVALUATED

49%

63%

of organizations are
reevaluating their information security standards
as a result of big name/
public data breaches.

$

88%

of respondents with increasing security budgets
expect the amount of time spent advising senior
executives to increase in the next three years.

70%

$

said they will continue to
place more value on risk
management in the next
12 months.

23%

of security decision-makers in the
highly targeted retail industry said
the recent breaches have them
reevaluating their information
security standards.

VS

of security professionals now
report directly to the CEO which
has nearly quadrupled since
2006 when it was just 6%

70% $

Connection to the top is even greater with

31%

of decreasing/not
changing security
budgets.

62%

internally develop
Enterprise Risk
Management
frameworks.

of CSO’s reporting on a
dotted line to the CEO and
21% to the board of directors.

Top 3 Areas CSOs are in Charge/Involved in 2015:

93%
91%
90%

Information Security
Incident Response
Business Continuity/Disaster Recovery

The data breaches at Target and particularly Home Depot elevated the perception of risk to a company’s reputation. The example provided a very
high level of visibility of the damage to reputation as well as cost. They also elevated the need for additional security testing and scanning. We will
be adding budget to implement next year.

- Barr Snyderwine, CIO, Hargrove, Inc.

CSOs RELIED ON FOR SECURITY BUSINESS INVESTMENTS

94%

$
$

expect organization’s
overall security budget to
increase or remain the
same in the coming year.

Organizations’ overall security
budget expected to increase
by an average of

11%

in the coming year.

Information Sources Relied on by CSOs:

73%
68%
62%

Rely on peers
Rely on Security content/technology
Rely on executive conferences or events

CSOs RELATIONSHIPS WITH SECURITY VENDORS LEAVE ROOM FOR IMPROVEMENT

73%
60%

very satisfied/satisfied
with security products in
2015 down from 79%
in 2012.
very satisfied/satisfied
with security services
in 2015 down from 66%
in 2012.

Two Most Cited Reasons For
Discontent with Security Vendors

78%

Products don’t live
up to the hype

70%

Products’
implementation
costs

Emerging Issues for
CSOs in 2015:

Pressing Issues for
CSOs in 2015:

1. Demands from the board
2. New technologies
3. Shadow IT
4. Demands from
business partners
5. Internal threats

1. New technologies
2. Finding people
3. Partner security
4. Getting actionable intelligence
from security partners
5. External attacks

You can learn more on the important role the CSO plays, how to reach the CSO audience, and view more of the
State of the CSO 2015 results here: http://bit.ly/StateoftheCSO2015 or by contacting your IDG Enterprise
representative. You can also join the conversation on Twitter using the hashtag #StateoftheCSO
Sources: Global State of Information Security Survey 2015, PwC, CIO magazine, CSO, September 2014; State of the CSO Survey, CSO, 2015;
State of the CSO 2015: Breaches Force New Security Strategy, November 11, 2014, CSOOnline.com.