Security Current, a publishing, research and collaboration company founded in 2013 by security industry experts Richard Stiennon and Aimee Rhodes, has published a collection of leading CISO’s cyber security predictions for 2016. More than 25 CISOs weighed in, with many anticipating 2016 will bring more highly orchestrated attacks, such as ‘business email compromise,’ and incident response will remain a key focus for enterprises.
CISOs from organizations including Microsoft, IBM, Hearst and a variety of university’s, also anticipate a rise in investments in risk mitigation programs and integrated threat intelligence and analysis capabilities.
“Companies not only need to have solid incident response plans but also need to gain deep visibility into what is happening inside their IT environment, as you can’t respond to something you don’t know about,” said Wayne Proctor, CISO of FLEETCOR, a global provider of fleet cards and specialty payments to businesses. “Enhancing security visibility will be the primary driver for security spend in 2016. Primary solutions to help enhance visibility include: advanced threat identification, next generation SIEM, threat feeds and data analytics.”
New Technology Adoption
CISOs predict the evolving threat landscape will not impact new technology and services adoption.
“In 2015 from a technology point of view, social, mobile, big data and cloud transitioned from buzz words to the new normal,” said IBM Cloud & SaaS Operational Services CISO, David Cass. “In 2016, cloud will be about leveraging new capabilities rather than just a cost savings. Analytics and cognitive capabilities will see rapid growth as organizations look at their big data for new insights.”
CISOs also see greater adoption of cyber security insurance to address growing liability associated with breaches.
“Breaches in the past couple of years have wreaked havoc on many brands and reputations,” said Roota Almeida, Information Security Head of insurance company, Delta Dental of New Jersey. “Due to this, the board and the C-suite will have an appetite for offloading the risk to insurance providers. Cyber insurance will gain velocity and popularity in the coming year.”
Other top-of-mind issues include public-private partnerships and knowledge sharing, the saturated technology market, elimination of passwords as a viable method of authentication and the pervasive challenges in recruiting/retaining security talent.
Read these 25 CISOs’ full insights here.
Chief Information Security Officers (CISOs) participating in Security Current‘s collection of cyber security predictions for 2016 include:
- Joe Adornetto, CISO, Quest Diagnostics
- Roota Almeida, Head of Information Security, Delta Dental of New Jersey
- Bret Arsenault, CISO, Microsoft
- Devon Bryan VP, Global Technical Security Services (CISO), ADP
- Paul Calatayud, CISO, Surescripts
- James Carpenter, CISO, Texas Scottish Rite Hospital for Children
- David Cass, CISO, Cloud & SaaS Operational Services, IBM
- Daniel Conroy, CISO, Synchrony Financial
- Gary Coverdale, CISO, County of Napa
- Grace Crickette, Special Administrator, San Francisco State University, CFO Division
- Darren Death, CISO, ASRC Federal
- Todd Fitzgerald, Global Director Information Security (CISO), Grant Thornton International
- Gene Fredriksen, Global ISO, PSCU
- David Hahn, CISO, Hearst
- Brian Kelly, CISO, Quinnipiac University
- Marty Leidner, CISO, The Rockefeller University
- Brian Lozada, CISO, Abacus Group, LLC
- Michael Mangold, Director of Information Security, Tractor Supply Company
- Vickie Miller, CISO, FICO
- Farhaad Nero, VP Enterprise Security, Bank of Tokyo-Mitsubishi UFJ, Ltd.
- Pritesh Parekh, CSO, Zuora
- Vanessa Pegueros, CISO, DocuSign
- Wayne Proctor, CISO, FLEETCOR
- Joel Rosenblatt, Director, Computer and Network Security, Columbia University
- Anthony Scarola, EVP, Director of Information Security (CISO), TowneBank
- David Sheidlower, CISO, Global Media & Advertising Firm
- Terrence Weekes, CISO, DJO Global