Boards need to get behind their security teams to prevent attacks from happening.

Trellix has released new research, “Mind of the CISO: Behind the Breach” that surveyed global chief information security officers (CISOs) across major industries to better understand the challenges they face in the aftermath of a cyber-incident.

“Raising the urgency and cyber literacy of their own board is one of the CISO’s greatest challenges,” said Bryan Palma, CEO of Trellix. “The research suggests many boards’ willingness to support cybersecurity only happens after an attack. Clearly, it should be the other way around.”

Key findings include:

CISOs remain reactive until boards become proactive

* 95% of CISOs receive increased board support post-attack.

* 46% receive a boosted budget for additional technology.

* 42% revise their overall security strategy.

* 41% implement new frameworks and standards.

* 38% create new jobs and responsibilities.

CISOs face attacks from all angle
Data theft attacks (48%), malware (43%), and DDoS attacks (37%) are most commonplace.

XDR is a viable threat prevention solution

At least 92% of respondents agree improvement is needed across people, processes, and technology after experiencing a major cyber incident. Further, 95% believe if their organisation had implemented XDR, the major cybersecurity event they experienced would have been prevented.

“XDR can actually aggregate and correlate data from multiple sources and, therefore, reduce false positives. We see less alert fatigue in the security teams, and XDR allows us to be proactive rather than defensive and post facto, another big difference,” shared a CISO of a UK company.

Hidden consequences take a toll

Consequences with clear costs, such as revenue loss and rising insurance premiums, were not reported as having the biggest impact. Instead, top impacts include data loss (42%), significant stress to their SecOps teams (41%), and declining reputation (39%) as the key factors negatively impacting their organisations.

“Experiencing a cyber incident reinforced the concept that we need to be ever-vigilant, and no matter how secure we think we’ve gotten things, no matter how many tools we have in place, it’s a constant battle,” shared a CISO of a U.S.-based manufacturing company.