- Today organizations are struggling with the best way to protect against attacks that are targeting the endpoint.
- Too often, the security strategy has been to put the onus on the individual employee.
- Research has shown, over and over again, that training and user restrictions are both tedious and expensive, and have a very low success rate.
- This is because cybercriminals are experts at using social engineering to manipulate users into behaving insecurely.
Being a CISO is tough. You’re responsible for the security of your organization’s intellectual property, customer data and you fight an enemy that can’t be seen or heard. If you’re lucky, you’ve constructed a security stack aimed at preventing a breach, but the reality is, cybercriminals have figured out your most vulnerable threat surface are the humans who are doing the work in your company. That means your whole job comes down to trusting the people who surf the net, read email and download documents hundreds of times a day. So to cope with this variable, you find yourself locking things down, blacklisting websites and doing regular phishing tests to see who’s not paying attention. You know this comes at the cost of productivity. You know because the organization tells you. Repeatedly. Yet what are you supposed to do? You will lose your job and your reputation if there’s a breach.
Welcome to the CISO’s Dilemma.
We conducted a study with researchers at Vanson Bourne to help us understand what was happening. The sample included 500 CISOs from large enterprises in the US (200), UK (200) and Germany (100) and the companies were a combination of 175 enterprises with between 1,000 and 3,000 employees, 175 with 3,000 to 5,000 employees, and 150 with more than 5,000 employees. The study looked at what today’s organizations are doing to prevent endpoint breaches targeting employees, the success of those efforts, and the associated costs that make this whole approach rather frustrating. We will also look at the impact that such measures have on productivity and ultimately the business’s ability to innovate. You can see the highlights from the study below in our infographic.
Read the entire article here, CISO’s Dilemma When Productivity and Cybersecurity Face Off
via the fine folks at Bromium
Leave a Reply