vchalup - stock.adobe.com

CISOs turn to AI, detection, response and education

Information security leaders are looking to artificial intelligence, better detection and response capabilities and user education in the face of cyber threats, but need more budget, a study shows

The majority (84%) of chief information security officers (CISOs) polled around the globe expect the risks of cyber attacks to increase, according to a study commissioned by security firm Fortinet.

Almost a quarter of the more than 200 respondents believe the capabilities of attackers are outpacing their ability to defend their organisation.

This situation is compounded by limited resources, including the lack of sufficient budget and skilled professionals, and the fact that the attack surface is expanding rapidly.

As a result, the study shows, security leaders understand that it is critical to have the right strategies in place in the continued arms race with attackers, and are increasingly applying artificial intelligence (AI) technologies to cyber security, focusing more on detection and response capabilities, and recognising the importance of cyber security training and education for users.

Nearly half (48%) of respondents said they are focused on integrating security into their network operations and 45% are shifting and changing their cyber security strategy towards advanced analytics for greater visibility into their environments.

CISOs believe that AI, like machine learning, and analytics relieve IT teams of monotonous tasks, so they can focus on business-critical jobs such as identifying anomalous behaviour in their networks and responding to threats quickly.

According to the survey, security leaders are currently allocating an average of 36% of their security budget to response. However, most would like to shift their resources from prevention to bolster detection and response capabilities and increase response investments to 40% of their budget.

“There is a growing realisation that breaches are inevitable, and that strong detection and response practices are a greater priority,” the report said.

CISOs believe talent and training constraints have a significant impact on their organisations, the survey found, with CISOs paying more attention to educating their own employees on best practices and building cyber security awareness in order to prevent and reduce internal threats.

However, the survey revealed that most CISOs typically feel constrained by the lack of adequate budget. While threats are expanding, CISOs find that their resources, including budget, remain limited. One-third of the CISOs surveyed felt that the lack of an adequate budget is having a significant impact on their cyber security programmes, while 18% cited lack of budget as their greatest constraint.

Other major constraints include a lack of a central cyber security strategy (35%) and lack of support from senior management (35%).

Read more about cyber security strategy

Another key finding of the survey is that safeguarding customer data and intellectual property is a top priority for security leaders. More than one-third of respondents said protecting their organisation’s brand is top of mind, while more than 36% selected customer data as the highest priority for protection.

A majority of respondents also said they are focusing on protecting intellectual property as one of the most important assets in their care, which they believe is another core target of most malicious actors.

“Today’s CISOs are tasked with the challenge of allocating limited funds and resources to the highest-return cyber security projects, which can range from breach detection to response,” said John Maddison, executive vice-president of products at Fortinet.

“These c-level security leaders must maximise security with finite resources, all while balancing strategic leadership responsibilities and tactical issues.”

As regards top security initiatives in the coming year, hiring more cyber security staff and creating a culture of security topped the list at 14% each, followed by better security training (13%), improved threat Forensics (12%), increasing security management expertise (10%) and extending security to suppliers and customers (10%).

The greatest challenge created by the shortage of qualified cyber security staff, said CISOs, is the inability to execute strategic cyber security initiatives and the difficulty in keeping up with new security challenges (18% each), followed by inability to detect breaches (17%), difficulty in extending security procedures to suppliers (13%), and inability to train employees in security practices (12%).

The study report recommends that security leaders:

  • Focus on protecting the brand.
  • Make the business case for security budgets.
  • Automate resources as much as possible.
  • Focus on people’s cyber security knowledge.
  • Move more resources from prevention to detection and response.

The report concluded: “Effective CISOs will maximise their resources – but will then marshal their people, budget and expertise to fight the battles that matter most. This kind of flexible, scalable defence will prove most effective in the counter-attacks against cyber breaches to come.”

Read more on Hackers and cybercrime prevention