Most CISOs feel unprepared to handle a cyberattack but worry they are at risk of an attack in the next year.
The finding comes from Proofpoint's 2021 Voice of the CISO, which surveyed more than 1,400 CISOs globally at mid- to large-size organizations across different industries throughout the first quarter of 2021.
The survey reveals 66% feel unprepared to handle a cyberattack, and 53% are more concerned about the repercussions of an attack in 2021 compared to 2020. Researchers found 58% consider human error to be their greatest vulnerability, which Proofpoint ties back to the now-widespread work-from-home model necessitated by the pandemic.
"With the future of work becoming increasingly flexible, this challenge now extends into next year and beyond," says Lucia Milică, global resident CISO at Proofpoint. "In addition to securing many more points of attack and educating users on long-term remote and hybrid work, CISOs must instill confidence among customers, internal stakeholders, and the market that such setups are workable indefinitely."
The survey reveals CISOs are worried about business email compromise attacks, with 34% citing BEC as their top concern. Cloud account compromise (33%), insider threats (31%), supply chain attacks (29%), and ransomware (27%) were also listed as top concerns. Nearly two-thirds of CISOs surveyed feel at risk of suffering a material cyberattack in the next 12 months.
The full research report can be found here.