What are CISOs’ most pressing cybersecurity challenges?

CISOs are increasingly preoccupied with digital transformation, migration to cloud environments, and data governance, a recent YL Ventures survey has shown.

The Israeli venture capital firm polled almost 40 cybersecurity executives at leading enterprises from its own Venture Advisory Board, and discovered their pain points when it comes to dealing with the increased complexity brought on by the current state of affairs.

Cloud security concerns and solutions

47 percent of the pollees said that their most pressing concern is the human capital shortage and operational gaps, followed by cloud security-related challenges (37%).

21% of the respondents expect the human capital shortage to intensify in the next five to seven years, due to low enrollment in relevant academic fields. Many also said that the accountability and level of responsibility associated with currently open positions often deter the few graduates that do qualify.

Their solution to these problems is looking for ways for automation to relieve the pressure on overworked employees, tapping into new and diverse resources of talent, recruitment, and training alternatives, and investing in human capital and training.

“In fact, CISOs are now spending the largest portion of their budgets on human capital after concluding that even the best-of-breed tools do not yet sufficiently address their most pressing cybersecurity issues. This is especially true for newly emerged threats and when CISOs require more customizable and tailored capabilities for their organization’s needs,” the analysts shared.

Their cloud-security related challenges include picking the right tools or partners to support their cloud migration and maintenance of cloud security (especially if multi-cloud infrastructure is involved).

They are particularly worried about maintaining in-depth visibility into cloud assets and about avoiding misconfigurations that could result in data breaches.

“Participants (…) are more interested in addressing their cloud concerns through the acquisition of one security solution to cover their multiple environments instead of relying on those furnished by their different cloud providers or by disparate cloud security solutions. Nevertheless, a small number expressed interest in the security products and features of native platforms and remain open-minded to what cloud vendors might offer down the line,” the analysts noted, and pointed out that they may not have to wait long as cloud vendors have recently begun to launch multi-cloud management capabilities of their own.

Data security, privacy, IAM and SOAR

Respondents are want to strengthen controls around data lakes and understand data flows within their organization. They searching for better data loss prevention (DLP) solutions and customer Data Subject Access Requests (DSAR) solutions.

“CISOs are searching for products that can deliver granular consumer data to meet the growing demand from regulators to enable customer DSAR. This poses a difficult challenge, as most organizations lack clear visibility into their dataflows and, due to a lack of available solutions, are forced to manually source these requests on a case-by-case basis,” the analysts found.

Identity and Access Management (IAM) solutions that are adequate for meeting the needs that come with increasingly complex enterprise infrastructures and highly mobile connected devices are also difficult to find, they say, and some CISOs have decided to building their organization’s IAM capabilities internally (i.e., by customizing existing IAM solutions and filling in remaining gaps with internally- built solutions).

Finally, many of the respondents realized that total security is impossible and have decided to focus some of their attention and budgets on incident response, SOAR (Security Orchestration, Automation and Response), and detection and response.

“Our respondents are determined to minimize the time taken to deal with vulnerabilities and breaches, improve their detection capabilities, and issue faster remediation. Many are open to, or already outsourcing, such capabilities to meet this need. For those looking to keep these capabilities internal, this segment of the industry is a perfect candidate for automation solutions, as automating incident response can leave valuable security practitioners available for tasks that require a greater deal of in-depth thinking,” they concluded.