FTSE 350 report highlights the difficulties faced by CISOs

The Government’s FTSE 350 Cyber Governance Health Check report highlights the challenges faced by CISOs working in those companies.

The Challenges faced by CISOs

One of the report's key findings was that many FTSE 350 boards still don't understand either the risks or the potential impacts a cyber attack could have on their business.

Just 16% of the companies surveyed said that their boards have a comprehensive understanding of the impacts of an attack. Conversely, the same report shows that 96% of companies have a cybersecurity strategy in place, suggesting that to many boards the introduction of such plans is just a box-ticking exercise.

In this age of growing cyber risks and daily reports of breaches, the need for effective cybersecurity has never been greater, but according to the report, just 46% of companies have a dedicated cybersecurity budget in place.


The Buy-in dilemma

We hear from CISOs all the time that one of their biggest challenges is getting buy-in from their boards. These statistics show just how much of a challenge this can be. If just 16% of boards in the FTSE 350 understand the implications of an attack and the need for cyber security measures, then why would the rest release the funds or provide the support a CISO needs to do their job?

Many boards still believe that an annual penetration test is good enough, but cyber risk is constantly changing, with new vulnerabilities being discovered all the time.

How can a CISO convince a board that it needs to invest in tools that are always on and always ready to be deployed when needed?

Take control of your organisation's cyber posture with CyberScore™

Security teams need a way to clearly demonstrate to stakeholders the need to invest in and encourage an organisation-wide, cyber-aware culture. Tools like CyberScore™ can help by:

  • Giving an evidence-based Risk Score on demand.
  • Generating board-level Reports outlining the organisation’s security posture, vulnerabilities and a Get-Well Plan.
  • Automating the bulk work of pen testing and making it affordable and rapid, something that should appeal to a board seeking to reduce costs without negatively impacting the business's security.
  • Continuously tracking security posture, vulnerabilities, remediations and score.
  • Tracking cyber risks across supply chains and third parties without the need for consultants or questionnaires.
  • Dramatically reducing the cost and improving the quality of compliance penetration testing.

We understand that being a CISO is an incredibly challenging role, which is why CyberScore is designed to be easy to use so it doesn't eat into your time and resources. For more information about CyberScore and to request a demo, visit https://xqcyber.com/contact/take-a-look-at-cyberscore
