State of the CSO 2015
-
Upload
idgenterprise -
Category
Technology
-
view
98 -
download
0
Transcript of State of the CSO 2015
State of the CSO 2015
2
Purpose and Methodology
SURVEY SAMPLE
TOTAL
RESPONDENTS
366 Security
Decision-Makers
MARGIN OF ERROR +/- 5.1%
AUDIENCE BASE CSOonline.com
visitors, CSO LinkedIn
Forum members and
email invitations to
audience.
COLLECTION Online Questionnaire
NUMBER OF
QUESTIONS
26 (incl. demographics)
Mitigating risk and keeping an organization
secure continues to be a challenge. CSO’s
annual State of the CSO survey is conducted to
provide a complete overview of the evolving role
of CSOs in today’s business climate, from
security strategy, to metrics, budget and
function ownership.
SURVEY GOAL
SURVEY METHOD
Source: State of the CSO Survey, CSO, 2015
3
Big Breaches = Security Practices Reevaluation
Q. Have recent big name data breaches (such as those experienced by eBay, Neiman Marcus and Target) caused your
organization to reevaluate its information security standards?
49%44%
7%
Source: State of the CSO Survey, CSO, 2015
Not Reevaluating
Not Sure If They
Are Reevaluating
Reevaluating
4
Most Likely to Directly Report to CEO
Q. To whom do you directly report?
Source: State of the CSO Survey, CSO, 2015
23%
21%
8% 8% 8%7%
4%
13%
Chief ExecutiveOfficer (CEO)/
President/ Owner/Partner
Chief InformationOfficer (CIO) or
Equivalent
Chief SecurityOfficer (CSO)
Chief FinancialOfficer (CFO) or
Equivalent
Chief TechnologyOfficer (CTO) or
Equivalent
Chief OperatingOfficer (COO) or
Equivalent
Chief Risk Officer(CRO) or Other
Risk ManagementFunction
Other
5
Increasing Value in Managing Risk
Q. In the past 12 months, has your organization's senior management placed more, less or the same value on risk
management?
Q. In the next 12 months, how do you expect the value senior management places on risk management to change?
51%
13%
35%
70%
5%
19%
More Value Less Value No Change
Past 12 Months Next 12 Months
Source: State of the CSO Survey, CSO, 2015
6Source: State of the CSO Survey, CSO, 2015
5%
34%
35%
37%
40%
56%
62%
67%
72%
77%
82%
87%
Other
Sales/Marketing
Supply Chain
Third Party Technology Ecosystem
Loss Prevention
Human Resources
General Counsel/Legal
Physical/Corporate Security
Financial Risk/Insurance
Executive Management
Business Continuity/Disaster Recovery
Information Security
Collaboration Needed for Successful ERM Implementation
Q. Which of the following disciplines, departments or groups are included in your organization’s formal Enterprise Risk
Management process? (base: use a formal ERM process that incorporates multiple types of risk)
6.5departments on
average involved
in formal ERM
process
7
Satisfaction Decreasing with Security Vendors
Q. In general, how satisfied are you with the quality and relevance of products and services offered by security vendors?
Source: State of the CSO Survey, CSO, 2015
8
Learn More
Source: State of the CSO Survey, CSO, 2015
For more information on this study, contact Sue Yanovitch, VP of Marketing, at [email protected].