January 25, 2024 at 06:10PM
Panorays’ 2024 CISO Survey of 200 CISOs reveals that 94% are concerned about third-party cybersecurity threats, with 65% anticipating an increase in third-party cyber risk budget. Only 3% have already implemented a third-party cyber risk management solution, and 33% plan to do so in 2024. CISOs prioritize AI-driven solutions and compliance with new regulations as key challenges.
The meeting notes outline the key findings of Panorays’ 2024 CISO Survey, which focused on third-party security risk management, AI-driven solutions, and the challenges faced by CISOs in the current year. The survey revealed:
Concerns about Third-Party Cybersecurity Threats: 94% of CISOs are concerned about third-party cybersecurity threats, with 17% considering it a top priority. However, only 3% have implemented a third-party cyber risk management solution, and 33% plan to implement one in 2024.
Budget Expectations: 65% of CISOs expect their third-party cyber risk management budget to increase, with 40% anticipating an increase of 1-10% this year.
Concerns Vary by Enterprise Size: CISOs in very large enterprises (73%) are more concerned about third-party cybersecurity threats compared to those in mid-size enterprises (47%).
Team Responsibilities: In most organizations, IT, risk, operations, or privacy teams (54%) are responsible for managing third-party risk, while 36% of organizations delegate this responsibility to back-office teams.
AI Solutions: 80% of CISOs believe that AI-driven solutions can prevent a significant number of breaches. The most effective tools for reducing third-party threats include cyber questionnaires for third parties (73%), compliance management tools (70%), and API monitoring of third parties in the supply chain (68%).
Top Challenges in 2024: CISOs highlighted challenges such as complying with new regulations for third-party risk management, communicating the business influence of third-party risk management, and a lack of resources to manage risk in the growing supply chain.
Expectations from Third-Party Cyber Risk Management Solutions: CISOs consider risk quantification, receiving suggested remediation actions, threat intelligence, and integration with other systems as important capabilities in a third-party cyber risk management solution.
The overall sentiment from the survey suggests that despite growing concerns about third-party cybersecurity threats and regulatory changes, there is a gap between awareness and proactive measures in implementing third-party cyber risk management solutions.
For more information about Panorays and the survey, please visit their website at: https://panorays.com/.
Is there anything specific you would like to focus on or any additional details you need?