Survey: Cyber Security Officers Struggle to Balance Regulation and Security Demands | Trade and Industry Development

Survey: Cyber Security Officers Struggle to Balance Regulation and Security Demands

Mar 04, 2024
The tightening regulatory landscape and increasing cyber threats pose growing challenges for Chief Security Information Officers (CISOs), prompting them to employ new strategies to upkeep data safety.

As cybersecurity threats multiply and new regulations like the NIS 2 Directive, MiCA, and DORA are soon to be implemented, the role of Chief Information Security Officers (CISOs) has never been more critical — or more challenging. An annual report surveying 1,600 cyber leaders across 16 countries, revealed 73% of CISOs in the US alone stated they experienced burnout in the past year.

On top of being overstrained, a rise in cybercrime adds to the burden — 68% of CISOs feel at risk of a material cyber attack, compared to 48% the year before, reflecting the prediction that IoT attacks alone are expected to double by 2025. While cybercrime continues to inflict damage, projected to cost the world $9.5 trillion in 2024, experts warn that the wave of new regulations will scatter the focus of CISOs even more.

“The upcoming NIS2 Directive, along with MiCA and DORA regulations, introduces more legal responsibilities for CISOs, binding them to additional compliance and security reports. The tech sector is expanding at a rate that is complex to manage, and with the new regulations on the way, it will definitely add on to the challenges of an already complex process,” explains Aurimas Bakas, CEO and founder of Cyber Upgrade.

Burnout amongst CISOs poses risks to organizational security, potentially leading to unintentional negligence of duties, and in severe cases, misinformation about the state of a company's cyber safety practices; as much as 83 percent of IT security professionals admit that, due to burnout, they or their colleagues have made errors that led to a security breach.

AI-powered automation presents a promising solution to streamline the growing scope of duties for CISOs. “Automation could alleviate some of the workload. AI-powered tools have evolved to a point where they can ensure that effective security protocols are maintained, like the implementation of password managers and multi-factor authentication across all systems, which only 29% of organizations currently use,” states Bakas.

Bakas sees leveraging AI as a prominent trend for the evolution of cybersecurity. His own company’s focus revolves around the production of an automated cybersecurity toolkit that includes a smart automated assistant to the CISO, able to oversee regular safety checks. With the AI-driven chatbot, businesses can also involve every team member in game-like training and cybersecurity assessments that look for vulnerabilities, fostering a culture of enhanced awareness.

“We weighed the opinions of many colleagues and identified a gap in the market, prompting us to come up with a solution that ensures safety for businesses at a large scale. We are quite proud of what we created because automation allows us to address the increased workload of CISOs and their enormous responsibilities. We consider our progress as a stepping stone in the right direction to streamline critical processes in security experts’ day-to-day,” explains Bakas.

“Ideally, automation frees CISOs to focus their expertise where it really matters. AI can cover many of the computational and repetitive tasks, but the role of CISOs is as paramount as ever in today’s digital climate. Their mental health directly impacts the safety of businesses, and it should be taken into account when it comes to implementing extensive bureaucracy and additional workloads.”

(Click to Expand)