Human error remains the leading cybersecurity risk in the eyes of security leaders: nearly three-quarters (74%) of chief information security officers (CISOs) identify it as their organization's most significant vulnerability. In response, 87% of CISOs are adopting AI-powered technology to protect against human error and to block advanced human-centric cyber threats.
These were among the key findings from Proofpoint’s 2024 Voice of the CISO report, which included responses from 1,600 CISOs from organizations of 1,000+ employees across different industries in 16 countries.
The report also revealed:
Based on conversations with his customers, Piyush Pandey, CEO at Pathlock, said the growing confidence among CISOs is largely driven by advances in securing identities and in securing access to the core business applications that house their most sensitive data and transactions. “Automated and AI-driven policies are helping to ensure that only authorized users have access to sensitive data and critical applications, which minimizes the risk of unauthorized access and potential breaches.”
Regular audits and compliance checks help CISOs stay ahead of potential vulnerabilities, driving a sense of confidence in the company’s security posture, Pandey added. “AI-powered solutions are becoming increasingly vital in mitigating human-centric risks.”
AI-driven analytics can predict and prevent potential insider threats by continuously learning and adapting to the evolving behavior of users within the organization. “These solutions have proven to be highly effective in enhancing security postures,” Pandey said.
Even as IT security leaders leverage AI to improve operations, the Proofpoint survey revealed generative AI (GenAI) is a growing concern, with 54% of CISOs citing GenAI as a security risk.
An earlier survey from Trellix also indicated CISOs face mounting pressure as cyberattacks surge and complexities surrounding the implementation of GenAI and AI technologies emerge.
Despite challenges such as employee turnover, 81% of CISOs believe they have adequate data protection controls.
Adoption of data loss prevention (DLP) technology and investment in security education have increased, with 51% using DLP and 53% educating employees on data security.
Most CISOs say they would still consider paying a ransom if attacked, and reliance on cyber insurance has increased. Craig Jones, vice president of security operations at Ontinue, said banning ransom payments to combat ransomware is a complex proposition. “While it could discourage attackers by cutting off their financial incentives, enforcing such a ban is challenging, especially with the anonymity provided by cryptocurrencies,” Jones said.
Additionally, in critical situations, organizations may still choose to pay ransoms covertly to recover vital data or restore operations, undermining the ban’s effectiveness.
“A more holistic approach might be more effective: enhancing cybersecurity defenses, promoting international cooperation to track and prosecute cybercriminals, and regulating the cyber insurance industry,” Jones suggested. This multifaceted strategy addresses the root causes and repercussions of ransomware without the significant enforcement challenges and potential negative consequences of a ban. “Such an approach acknowledges the complexities and the global nature of cyber threats, offering a balanced solution to mitigate ransomware risks,” he said.
The report also noted that ransomware and malware were the top threats for 2024, with ransomware moving up to the top spot from the previous year.
Darren Guccione, CEO and co-founder at Keeper Security, said that the successive barrage of ransomware attacks affecting every sector of the economy has shown no signs of slowing, despite government and industry professionals’ concerted efforts. “Egregious cyber-attacks have become a pervasive threat that predatory cybercriminals pose to everyone from multinational businesses to local governments.”
Most successful ransomware attacks, Guccione noted, result from weak or stolen passwords, credentials and secrets. “A cybersecurity strategy and prudent investment are essential to prevent these types of cyberattacks because no organization is immune,” Guccione said.