Organizations are struggling with internal communication barriers, which hinder their ability to address cybersecurity threats, according to Dynatrace.
The results indicate that CISOs encounter challenges in aligning security teams with the C-suite, resulting in organizational gaps in understanding cyber risk.
As a result, they find themselves more exposed to advanced cyber threats, at a time when AI-driven attacks are on the rise.
The report was based on a global survey of 1,300 CISOs and ten interviews with CEOs and CFOs in enterprises with over 1,000 employees.
CISOs face organizational challenges with C-level executives.
CISOs struggle to drive alignment between security teams and the C-suite, with 87% of CISOs saying application security is a blind spot at the CEO and board level.
Seven out of ten C-suite executives interviewed say security teams talk in technical terms without providing business context.
75% of CISOs highlight the issue is rooted in security tools that cannot generate insights that C-level executives and boards of directors can use to understand business risks and prevent threats.
Addressing this technology and communications gap is becoming more critical as the rise of AI-driven attacks and cyber threats significantly increase business risk.
Against this backdrop, 72% of CISOs say their organization has experienced an application security incident in the past two years.
These incidents carry significant risk, with CISOs highlighting the common consequences they've experienced, including impacted revenue, regulatory fines, and lost market share.
CISOs emphasize DevSecOps automation in risk mitigation measures.
The need to drive closer engagement between security teams and the C-suite is becoming more important as the rise of AI exposes organizations to added risk.
CISOs are concerned about AI's potential to enable cybercriminals to create new exploits faster and execute them on a broader scale.
They are also concerned about AI's potential to allow developers to accelerate software delivery with less oversight, leading to more vulnerabilities.
As they look for a solution, 83% of CISOs say DevSecOps automation is more important to manage the risk of vulnerabilities introduced by AI. Additionally, 71% of CISOs say DevSecOps automation is critical to ensuring reasonable measures have been taken to minimize application security risk.
A further 77% of CISOs say current tools such as XDR and SIEM solutions cannot manage cloud complexity, as they lack the intelligence needed to drive automation at scale, and an additional 70% of CISOs say the need for multiple application security tools drives operational inefficiency due to the effort needed to make sense of disparate sources of data.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Thu, 09 May 2024 14:43:06 +0000