Fastly finds a 37% year-on-year increase in the number of Australian businesses with CISOs. 42% of IT leaders view CISOs as crucial in keeping the business safe from threats.
- 81% of Australian businesses now have a CISO, and a further 11% are planning to hire one in the next two years
- 45% of IT leaders believe that CISOs need to have an in-depth understanding of all areas of IT
- 25% saw CISOs as being blamed too often for things which are not their fault
- 27% felt they were given too much legal and operational responsibility
- 16% believe CISOs are overworked and underpaid
Fastly Inc. (NYSE: FSLY), a leading global edge cloud platform provider, has found a consolidated Chief Information Security Officers (CISOs) hiring boom in 2023, with 81% of Australian businesses now having a CISO, and a further 11% are planning to hire one in the next two years.
However, despite efforts to bolster C-level security positions, Fastly’s data suggests there is still a lack of understanding of the role. For example, 25 per cent of IT leaders surveyed by Fastly think CISOs are often held responsible for cyber security incidents which are not their fault while 22% think security managers and security engineers are often held responsible.
IT professionals are still struggling to identify the exact roles and responsibilities, and expectations of the CISO differ across the industry. Forty-two per cent of IT leaders view CISOs as crucial in keeping the business safe from threats. At the same time, just under half (45%) of IT leaders believe that CISOs need to have an in-depth understanding of all areas of IT. Similarly, 27% felt they were given too much legal and operational responsibility.
Fastly’s CISO Marshall Erwin commented: “Facing – and trying to plan for – unprecedented cybersecurity challenges in 2024, Australian businesses have consolidated efforts to hire a professional able to take charge of cybersecurity strategy. Though, our data suggests there still exists confusion over what the role of the CISO’s actually entails. This disparity of opinion highlights how the role has evolved in recent years, particularly with challenges to organisation’s security postures and growing threat landscape.”
The lack of understanding surrounding the CISO role is impacting perceptions of its usefulness. While sixteen per cent of CISOs are viewed as overworked and underpaid, at the same time, 12 per cent see them as poor value for money.
Erwin continued: “Traditionally, the CISO role involved staying within the confines of IT and risk management. But in 2024 CISOs are increasingly seen as business leaders responsible for the strategic direction of an organisation’s cybersecurity strategy, which is where this lack of understanding about the role arises. Within two years, most Australian businesses will have filled the CISO role. For them to work effectively, there is clearly a need for organisations to develop greater understanding of the role amongst IT departments.”
Fastly has taken a deep dive into the security investments and plans of almost 1,500 global IT decision-makers – and offered concrete advice into how businesses can bolster security postures – in its recent report The Race to Adapt: How your cybersecurity posture is affecting your business’s bottom line, which you can download here.
About the research
This research surveyed 1,484 key IT decision makers in large organisations spanning multiple industries across North America, Europe, Asia-Pacific and Japan. The survey included 211 IT decision makers in organisations with more than 250 employees in Australia.