WASHINGTON — Feb. 8, 2018 — Ankura announced today that it has published the results of its first security leadership data survey, “The Shifting Cybersecurity Landscape: How CISOs and Security Leaders Are Managing Evolving Global Risks to Safeguard Data,” in cooperation with Ari Kaplan Advisors.
Ankura cybersecurity and data experts, working with industry analyst Ari Kaplan, created the survey to examine how security professionals are handling today’s complicated cyber and data information landscape. The survey queried 30 corporate security officials on how the perception of security is changing and the ways corporations are adapting to an evolving threat landscape.
Seventy percent of respondents were from organizations with more than $1 billion in annual revenue, and 50 percent were from organizations with annual revenues of more than $5 billion. The majority were from companies with more than 5,000 employees and hailed from a diverse group of industries, including financial services, healthcare, technology, insurance, manufacturing, telecommunications, and media.
“Over the past four years, interest in benchmarking cybersecurity hygiene has continued to expand, and I am honored by the caliber of participation in this year’s report,” said Kaplan. “The perspectives it highlights reflect an incredible collective dedication to data protection tempered by an acknowledgement of its challenges.”
Notable statistics in the report include:
Jessica Block, an Ankura Senior Managing Director who focuses on data governance and privacy and spearheaded this project, said, “The results show security leaders around the world are thinking about how to build and sustain cross-functional programs to drive effective information management. We saw organizations acting to improve both processes and technologies in the face of increased regulatory risk and other threats. Regulations such as the General Data Protection Regulation and 23 NYCRR Part 500 are targeting previously unregulated industries and having great impact on existing planned corporate initiatives and budgets beyond what can be absorbed by internal resources.”
Scott Corzine, an Ankura Senior Managing Director who focuses his work on cybersecurity compliance and program maturity issues, added, “We were interested in the evolution of cybersecurity reporting relationships in large organizations and the perceptible trend toward security leaders reporting to someone with compliance or oversight responsibilities rather than technical responsibilities. We also looked at the fascinating perspective of CISOs around their frustration with reporting about cybersecurity to boards that may still widely lack cyber-aware members with grounding and experience in the complexities of security as an enterprise risk, and that still fund cyber initiatives in reaction to widely publicized breaches. With 35 percent of CISOs lacking confidence or unsure of the security of their data exposed to their third-party providers, we received some good insights into the complexity of security assurance in the CISOs’ information supply chain.”
Luke Tenery, an Ankura Senior Managing Director with more than 15 years of experience handling complex cyber issues covering investigations and forensics, data privacy and security, and security management issues, noted, “The survey is an incredibly useful overview of what cybersecurity leaders are grappling with as they adapt to mitigating risks and maximizing opportunities in the cloud and emergent technologies. They are forced to take on more and more third-, fourth-, and even fifth-party vendor platforms, and continue to see an evolution of data security and incident response issues that require strategic reconsiderations of cyber risk management, including incident management and threat detection. For me, it was worth noting that only 37 percent of respondents answered that they were confident that their managed services providers could provide legally defensible investigations if respective organizations were victims of a breach or other cyber incident.”
# # #