Navisite Research Finds 45% Of Companies Do Not Employ a Chief Information Security Officer

  • 60% Of Respondents State Their Cybersecurity Strategy Is Developed Outside the Security Team

Navisite unveiled new research that found nearly half (45%) of companies do not employ a Chief Information Security Officer (CISO). Of this group, 58% think their company should hire a CISO. Only 40% of respondents stated their cybersecurity strategy was developed by a CISO or member of the security team, with 60% relying on other parts of their organization, including IT, executive leadership and compliance.

HR Technology News: Unlocking Business Success With Data-Driven Leadership

Navisite polled 130 security, IT and compliance professionals in the U.S. to determine their perceptions on the state of cybersecurity leadership and readiness within their organizations. More than 80% of respondents described their job title as either executive leadership or management, with more than 60% of respondents coming from mid-sized organizations between 100-5,000 employees.

HR Technology News: APM Launches Major Project Leadership Specialist Certificate

Additional findings include:

  • 21% of respondents admit their company does not have a dedicated person or staff whose sole responsibility is security/cybersecurity.
  • 75% of respondents said their company experienced an increase in overall cybersecurity threat volume in the last year.
  • 80% of respondents felt their company exhibited strong cybersecurity leadership during the COVID-19 pandemic.
  • 70% of respondents expressed confidence in the effectiveness of their cybersecurity program—but that confidence dropped to 58% for companies without a CISO.
  • Nearly half (47%) of survey takers believe their company spends too little on cybersecurity.

“The survey results support what we’re seeing across the board: organizations prioritized their security efforts during COVID, but at the same time, they’re acutely aware of how much more they need to do to effectively defend against cyber threats,” said Aaron Boissonnault, Navisite CISO. “The data also points to an ongoing problem in the industry: a cybersecurity skills shortage that extends to the highest levels. Companies value and want cybersecurity leadership, but it is increasingly difficult to find and retain these individuals.”

HR Technology News: HR Tech RADAR 2021: Top 250 HR SaaS Technology Companies You Should Follow

[To share your insights with us, please write to sghosh@martechseries.com]