Human Error and AI Tops Cybersecurity Threats in CISO Survey

One constant in cybersecurity is the continuous emergence of new threats. CISOs (chief security information officers) responsible for the cybersecurity of their company systems now face more cyber threats than ever before. Proofpoint recently released its annual report, identifying several cybersecurity issues that CISOs face.

CISOs have faced a number of new challenges during the past few years. First, a global pandemic forced companies to adapt to remote work, and then the increasing adoption of cloud-based systems has increased the cyber threat threshold manyfold.

Buy physical gold and silver online

Proofpoint Inc. is a cybersecurity and compliance company. Its annual Voice of the CISO report identified several challenges for CISOs, along with some of their priorities and expectations.

Also Read: How Can AI Model-as-a-Service Benefit Your New App?

Organizations Fear Cyber Attacks 

Proofpoint noted in its report that human error is the leading cybersecurity risk among many others. Almost 74% of the CISOs surveyed think that there is a high risk that their organization will experience a cyber attack during the next year. This concern has slightly increased from last year’s 68% and is quite high compared to 2022, when it was perceived to be 48%.

Proofpoint’s global resident CISO, Patrick Joyce, said,

“While the cybersecurity landscape continues to evolve with increasing human-centric threats, the 2024 Voice of the CISO report highlights what appears to be a pivotal shift towards greater resilience, preparedness, and confidence among global CISOs.”

Proofpoint noted in its 2024 report that despite the increase in cyber attacks, CISOs are now more confident in countering these threats, which shows a shift in the cybersecurity domain.

Also read: Adopting Generative AI for Cybersecurity Can be the Best Solution Against AI Threats

The work nature of CISOs requires them to be on high alert all the time. According to the survey, only 43% of CISOs feel unprepared to handle a targeted cyber attack. The number of this vulnerability has decreased significantly compared to last year, when it was reported to be 61%.

Human Error Tops Cybersecurity Concerns

As said above, human error is the largest worry of CISOs and has topped all other cybersecurity vulnerabilities this year. The report suggests that insider threats have increased over the past year, and 80% of CISOs see human risk as a major cybersecurity threat, especially from careless employees.

Human Error and AI Tops Cybersecurity Threats in CISO Survey
Cybersecurity iterative process model

However, 86% of CISOs think most employees understand their role and responsibility in safeguarding the organization. This confidence has sufficiently increased since last year’s score, which was reported to be 60%. Proofpoint thinks this positive change may be due to AI-based solutions, which 87% of CISOs surveyed want to deploy to protect their organizations against advanced human-centric cyber threats.

According to the survey, Generative AI is also an emerging concern for 54% of CISOs. They believe generative AI can be a major risk factor for their organizations. They think the three most concerning systems that can induce risk are ChatGPT or similar tools, Slack, Teams, Zoom or similar collaboration tools, and Microsoft 365 Copilot.

“This year’s findings underscore a collective move towards strategic defenses, including enhanced education, technological adoption, and an adaptive approach to emerging threats like generative AI,” said Joyce.

This year, 46% of security leaders reported material losses of organizational data, and 73% accepted that employees leaving the company were possibly involved in the loss. However, most CISOs, nearly 81%, said they still have sufficient controls to protect their organizational data.

Also read: Cybersecurity agencies unite against Akira ransomware threat

Most CISOs have adopted data loss prevention technology, and 53% have invested in training their employees on best data security practices. Ransomware, malware, and email fraud are among the major concerns, with 62% of CISOs saying their organization will pay to restore their systems and prevent data leakage if they get attacked in the next year.

The Survey Aligns With Other Findings 

Proofpoint’s findings align with Metomic’s “2024 CISO Survey: Insights from the Security Leaders Keeping Critical Business Data Safe.” Metomics is a data security solution provider specializing in GenAI, SaaS, and cloud applications. Its report was published in late April.

Human Error and AI Tops Cybersecurity Threats in CISO Survey
Email attachments pose biggest security threat

However, the survey sample size was comparatively small, with responses from 400 CISOs from the United States and the United Kingdom. According to the survey, data breaches were the top concern, and 84% of CISOs plan to focus on security operations. Not to forget, companies experienced 3205 data breach incidents last year, with the average cost of a single data breach amounting to $9.48 billion.

Metomic’s report also identifies generative AI as a major threat, and many other experts view GenAI as the same. For example, in an interview with the Security Magazine yesterday, Jadee Hanson, who is the CISO at Vanta, said,

“A second risk is when companies entrust AI to handle too much too early. We know AI is doing great things to create efficiencies throughout our everyday activities. That said, we all have seen AI get things wrong.”

For its Voice of the CISO report, Proofpoint claims to have examined responses from 1600 CISOs from firms with a minimum of 1000 employees in different sectors. The responses were gathered through global third-party surveys.

For the survey, 100 CISOs from each sector were interviewed during the first quarter of 2024. They included professionals from 16 countries, including the United States, Canada, Japan, Singapore, South Korea, the UK, France, Germany, Italy, Spain, Sweden, the Netherlands, UAE, KSA, Australia, and Brazil.

In Metomic’s report, 80% of CISOs said they can access the resources required to do their jobs, while Proofpoint’s report noted that 84% of CISOs believe that their company board members share the same views and understanding of cybersecurity issues.


Cryptopolitan reporting by Aamir Sheikh

About the author

Why invest in physical gold and silver?
文 » A