Acuity Risk Management

Trends and Tips 2021: The Increasing Demands Placed on CISOs

With such dramatic changes in business operations caused by the pandemic, corporations are increasingly relying on their CISOs to manage not only cybersecurity threats, but control privacy concerns, promote innovation and encourage smart risk-taking. What should security officers know about current trends? What tips will help them do their jobs?

Acuity has looked closely at these issues and summarized them in a new whitepaper, updating previous looks at these matters. You can download a copy here. Here’s a preview of what the whitepaper addresses.

Trend 1: An expectation to do more – but sometimes with less

Boards and CEOs recognize the increasing importance of cybersecurity and risk management overall, and a recent survey showed that more than half the respondents expected their companies to increase their cybersecurity budgets. But 13 percent didn’t expect any increase and 26 percent were expecting cuts in their cybersecurity budgets.  The upshot: CISOs may need to quantify risks more than ever to demonstrate the value of their departments and help their organizations make informed decisions.

Trend 2: Awareness of risks from third parties

As organizations increasingly share sensitive and business-critical information with the wider ecosystem, the dangers posed by third parties have become more substantial. Serious risk incidents involving third parties have nearly tripled over the past few years, surveys show. Consequently, organizations need objective, consistent and thorough processes and tools to manage vendor risk.

Trend 3: Ever-increasing data protection and privacy regulations

While Europeans have been concerned with consumer privacy for years, Americans are starting to share their worries. Nearly all U.S. consumers now consider their data privacy important, but a majority don’t trust companies to use their data in an ethical way. The digital transformation makes it tougher for companies to keep on top of privacy matters, and more regulations have been passed or potentially may be added to further shield individuals from unwanted access. These forces are driving organizations to record, assess, manage and review both privacy and security risks in how they process personal data

Trend 4: Broader use of flexible risk-management platforms

With the complexities of risk management corporations now face, boards and CEOs need to be informed of an organization’s risk status in a comprehensive, consolidated view that prioritizes risks and allocates resources accordingly. Such a view requires companies to go beyond spreadsheets and adopt a modern risk-management platform. CISOs can’t adequately perform the tasks required of them without such a holistic risk-management platform. Consequently, such platforms are gaining popularity.

To learn more, download your copy of the whitepaper.