IDG Research: Large organisations have the budgets to hire CISOs

IDG Research: Large organisations have the budgets to hire CISOs

Over the last few years cybersecurity has gradually raised in profile, this has put increased pressure on business leaders and resulted in more and more senior security professionals getting hired (by those that can afford it).

The recent IDG Enterprise Security Priorities Survey, which profiled 694 security and information technology decision-makers showed that whilst the security challenges of SMBs and enterprises are similar, their maturity to cope is different. Perhaps not surprisingly, enterprise organisations are far more likely to have a CISO and dedicated security group in place. They are also more likely to have deployed security technologies like two-factor authentication or data loss prevention tools.

The research suggested that in organisations which lack a strategic security lead, issues are escalated to the CIO or CEO, in about equal measure. In companies which do have this function in place, this individual typically takes primary responsibility for a wide range of security issues, including insider threats, incident response, vulnerability management and security awareness training.

This represents a marked split between smaller and larger organisations. Almost half of enterprise respondents (48%) said they focus solely on IT security decisions, compared to one third (33%) of SMB respondents. The upshot of this is that employees in smaller organisations are required to wear more hats in their day-to-day work which makes it more difficult for them to strategise and plan for the long term.

These problems aren’t likely to go away anytime soon. And organisations of all sizes are dealing with the same threats and challenges. These include the potency of online attacks and phishing scams, the increasing sophistication and determination of criminal and nation-backed hackers, the necessity to align information technology and information security programs and the difficulty associated with finding and keeping qualified professionals.

One of the big takeaways from this report is that in matters of security, size and resources matter now more than ever before. This is because enterprises have greater flexibility in hiring and staffing so can hone their information security practices to encompass user education, sophisticated network monitoring and incident response. SMBs, however, are just left struggling behind.



«Five ways to take advantage of the Internet of Things


Advice from a CISO: We have traditionally failed at leadership»
IDG Connect

IDG Connect tackles the tech stories that matter to you

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Should the government regulate Artificial Intelligence?