false

Perspectives Home / SECURITY

3 Gift Ideas for CISOs This Holiday Season

Whether your CISO has been naughty or nice, these wishlist items will ensure your organization remains resilient in the face of cyber threats.

A black and white image of a stack of gift boxes, with a gradient ribbon.

By Ryan Kovar, Distinguished Security Strategist & Founder of SURGe, and Kirsty Paine, Field CTO & Strategic Advisor
December 6, 2023 • 3 minute read

CISOs ask for so much and yet so little — what they want is vital to their organizations’ security. So, what would make the greatest gifts for a CISO (apart from blindfolds for your legal department)? Let’s unwrap what’s on the CISO wish list and find out what they need to safeguard their organizations in the new year.

1. Increased security investments

According to Splunk’s CISO Report, 85% of CISOs admit that they’re worried about how economic uncertainty will impact their teams. While time and again CISOs demonstrate a business case for increased budgets year over year, only 35% say that their boards allocate adequate cybersecurity funding. That’s why greater security investments top our CISO holiday wishlist.

And for many CISOs, this wish may very well come true. While CISOs deal with an influx of threats, 93% of organizations expect to increase their cybersecurity spending over the next year. Great news for security teams, as 85% percent of CISOs say a reduction in their budgets would hinder their ability to respond to threats effectively.

2. Generative AI applications to fill cyber defense and talent gaps

It’s no secret that cybersecurity professionals are stretched thin, struggling to meet the ever-expanding demands of the profession. As cyber criminals increasingly use AI to augment their attacks, CISOs are gearing up to fight fire with fire. Most leading CISOs have already leveraged their maximum gains from automation; according to the CISO Report, 93% surveyed said they have already implemented automation into their processes. So now, they are now turning to machine learning (rather than machine doing) to fill the remaining skills gaps.

Meanwhile, 35% of CISOs are already using AI for security applications, and 61% will likely use it in the next year. When it comes to using generative AI for cyber defense, CISOs hope to use it for strategic functions, like prioritizing alerts and managing security posture analysis and internal communications.

In addition to security applications, CISOs hope generative AI will alleviate skills gaps and talent shortages. CISOs also want to use AI to elevate their staff’s skill sets and education in order to ramp up their organization’s overall security posture.

In short, the reality is: There aren’t enough cybersecurity professionals to meet demands, and not even Santa’s reindeer can bring the sleigh-load of cyber experts you need — so it’s time to get creative to fill those gaps.

3. Cross-functional collaboration between security, IT and engineering teams

Collaborative organizations with teams that work together can better prevent smaller issues from becoming major disasters, more quickly remediate incidents and ultimately become more adaptable to changing environments. Not only that, collaboration between ITOps, SecOps and software engineering is a significant factor in building, expanding and maintaining digital resilience. That’s why cross-functional collaboration between these teams rounds out our CISO holiday wishlist.

And there are signs that this collaboration is already happening. Security functions are now working more closely with, or are even integrated into, application development, observability and customer experience. Of the CISOs surveyed that have already invested in cross-functional collaboration, the benefits are undeniable. 37% see greater visibility across the attack surface and 40% experience greater knowledge transfer between groups. In addition, 44% now benefit from greater integration between security and IT operations tools and processes, ushering in a new era of resilience. Although CISOs will navigate security headwinds differently, there is one universal truth: They can’t go it alone.

The gifts that keep on giving

These wishlist items aren’t just short-term wants. Cybersecurity is non-negotiable, and if organizations want to stay off the “naughty list” with regulators and consumers, they must make sure that their CISOs’ SOCs are filled with the resources and tools they need to get the job done.

For more insight on what fellow cybersecurity leaders want most from their organizations, read the full CISO Report.

Read more Perspectives by Splunk

JULY 11, 2023 • 4 minute read

3 Lessons From Cybersecurity Leaders in 2023

The research is in: Here's what we learned from surveying 1,500+ leaders in DevSecOps about the state of security today.

September 5, 2023 • 3 minute read

The Top 3 Challenges Threatening a CISO's Agenda

More than 1,500 security and IT leaders weighed in about potential threats in our recent research report, The State of Security 2023. Here’s what they’re worrying about the most.

OCTOBER 20, 2023 • 5 minutes

CISOs in the Hot Seat: On Managing Liability

A year after Uber’s former CISO was convicted of federal charges for mishandling a data breach — and with increasing regulations for incident reporting — how are CISOs thinking about their legal responsibilities?

Get more perspectives from security, IT and engineering leaders delivered straight to your inbox.