• About
  • Subscribe
  • Contact
Friday, May 9, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology

Despite a ‘direct line’ to the board, CISOs don’t always get a dedicated budget

FutureCIO Editors by FutureCIO Editors
December 13, 2019
Photo by Karolina Grabowska from Pexels

Photo by Karolina Grabowska from Pexels

The vast majority (89%) of Chief Information Security Officers (CISO) are regularly summoned by the board of directors to provide recommendations for the business. 

This is a key finding from the latest global survey of information security heads commissioned by Kaspersky. The study also revealed that despite a ‘direct line’ with top bosses, it does not necessarily result in dedicated investments in security. In fact, 54% of respondents admit having to share their organisation’s IT budget. 

In Q3 of 2019, 451 Research conducted an independent study, commissioned by Kaspersky, to explore the various factors shaping information security from the perspectives of enterprise security leaders. The study surveyed 305 respondents that have senior or executive responsibility for cybersecurity in enterprises worldwide, with the findings revealing how the nature of cybersecurity and security leadership has evolved. 

According to the study, top management seek advice from IT security leaders regardless of the organisation’s reporting structure, with only 23% reporting to the board. Business leaders need input from their CISO most often when an internal cybersecurity incident happens –  as recognized by 60% of respondents.

However, it’s not all about breaches — executives also seem to be proactive and mindful about how to protect the company now and in the future. More than half (57%) of the surveyed IT security chiefs schedule meetings with the board on a regular basis, and 56% are requested to provide their expert opinions on future IT projects. However, despite being visible and valuable to the board, CISOs still face difficulties when it comes to justifying necessary spending on IT security. Having to siphon their expenses from the broader IT budget, 43% of those surveyed feel that they are in direct competition with other business and IT initiatives, making it one of the top three challenges they face in order to make a case for essential information security investment. 

“As the study shows, boards of directors now understand that cybersecurity is an important part of business success. Nevertheless, there’s still a challenge for CISOs to be able to convert this understanding into actual support. Speaking business language instead of using technical jargon, focusing on how to solve problems and bringing in third-party expertise to justify meaningful measures are all key components to win over directors,” comments Veniamin Levtsov, VP of Corporate Business, at Kaspersky. 

To help CISOs communicate effectively with their board of directors, Kaspersky recommends: 

  • Shifting from ad hoc communications to regular sync-ups with the business leadership team. It will help to keep the board updated on the company's security measures and remain aware of strategic priorities.
  • Speaking in a language that top management understands. Executives rarely have a security or technical background, so try to avoid IT jargon and refer instead to specific business benefits and opportunities when speaking about security measures.
  • Make sure board members receive security training. This will not only help towards building a corporate-wide cybersecurity culture, but will also highlight the practical value and impact of effective cybersecurity measures.
Related:  Risk quantification strategies in 2023
Tags: budgetCISOKaspersky
FutureCIO Editors

FutureCIO Editors

No Result
View All Result

Recent Posts

  • APAC CIOs rethink cybersecurity investments amid expanding threat landscape
  • Study finds almost half of businesses bank on AI-enabled cybersecurity for EDR and XDR
  • AI drives cloud market growth in Q1
  • ARTHALAND chooses OutSystems to advance real estate sustainability
  • Experts warn against AI-powered deepfake impersonation scams

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe