More than 80 percent of security leaders believe the challenge posed by external threats is on the rise, while 60 percent also agree their organisations are outgunned in the cyber war, according to a recent IBM study.
IBM's third annual Chief Information Security Officer (CISO) study was conducted by the IBM Centre for Applied Insights, and is based on 138 interviews with the most senior security leaders of polled organisations.
The study also reveals that technology is seen as a critical component in addressing these security issues and threats, with big data, cloud and mobile named as the top three areas of prioritisation.
Additionally, sophisticated external threats were identified by 40 percent of security leaders as their top challenge, followed by regulations at just under 15 percent. Besides external threats, the study indicated CISOs face additional challenges from governments as nearly 80 percent of respondents said the potential risk from regulations and standards have increased over the past three years.
Security leaders are most uncertain about whether governments will handle security governance on a national or global level, as well as how transparent they will be in doing so. Only 22 percent think that a global approach to combating cybercrime will be agreed upon in the next three to five years.
Organisations rethinking cybersecurity tactics
A significant 70 percent of surveyed security leaders believe they have mature, traditional technologies that focus on network intrusion prevention, advanced malware detection and network vulnerability scanning.
However, half of them agree that deploying new security technology is the top focus area for their organisation, while identifying data leakage prevention, cloud security and mobile/device security as the top three areas in need of dramatic transformation.
Over 70 percent of security leaders said real-time security intelligence is increasingly important to their organisation. Despite this strong agreement, the study found areas such as data classification and discovery and security intelligence analytics have relatively low maturity (54 percent) and require a higher need for improvement or transformation.
Also, while concern over cloud security remains strong, close to 90 percent of respondents have adopted cloud or are currently planning cloud initiatives. Of this group, 75 percent expect their cloud security budget to increase or increase dramatically over the next three to five years.
Lastly, despite the growing mobile workforce, less than half of security leaders (45 percent) stated they have an effective mobile device management approach. In fact, according to the study, mobile and device security ranked at the bottom of the maturity list (51 percent).
Empowering today's security leaders
With cyber attacks and government regulations continuing to evolve, a majority of organisations have redefined their view of security over the past three years, vaulting security leaders into more influential roles.
Sign up for Computerworld eNewsletters.