View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 4, 2014

Are CISOs companies’ data breach scapegoats?

Why CISOs are the first ones to go after a data leak.

By CBR Staff Writer

Chief information security officers (CISOs) are viewed as scapegoats in the event of a data breach, according to a new report.

Three-quarters of C-suite executives don’t see CISOs as part of a business’s leadership team, and 44% would blame them for any data leaks, a new ThreatTrack Security report revealed.

Two-thirds of the survey respondents consider that CISOs do not have a broader awareness of organisational goals and business needs outside of data security, with over a quarter of them blaming their cyber security decisions for hurting the financial strength of a company.

ThreatTrack Security president and CEO Julian Waits Sr said: "The CISO’s role has become increasingly complex and demanding, yet the value of their contributions aren’t fully understood or appreciated by peers.

"Our research suggests that CISOs are often viewed simply as convenient scapegoats in the event of a headline-grabbing data breach, and they are significantly undervalued for the work they do every day to keep corporate data secure.

"This perception needs to change, as CISOs, and the teams that work with them, should be viewed as drivers for business protection and growth."

A total of 46% of respondents believe CISOs are responsible for cybersecurity purchasing decisions, with more than a third deeming their CISO could take on another role other than information security, within their organisation.

Content from our partners
Scan and deliver
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
GenAI cybersecurity: “A super-human analyst, with a brain the size of a planet.”
Cloud, AI, and cyber security – highlights from DTX Manchester
Cloud, AI, and cyber security – highlights from DTX Manchester

Another 27% said their CISO adds greatly to enhancing day-to-day security, while the majority of retail and healthcare firms have a perception that the role of the CISO exists mainly to take accountability for data breaches.

Asked to grade the overall performance of their CISOs, 23% of participants gave their CISO an A for excellence; 42% said B for above average; and 30% said C for average.

Waits Sr said: "These findings point to a dilemma for CISOs and their peers in the C-suite.

"If CISOs are not consulted by senior executives during decision-making processes, how can they be held responsible for major security breaches? CISOs serve a vital role in cybersecurity, but are struggling for the recognition and authority they need to be effective in defending organizations from today’s precarious data security dangers."

Websites in our network
The New Statesman Press Gazette Spears World of Fine wine Elite Traveler Leadmonitor
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU