CISOs Increase Personal Protection Over Breach Worries

CISOs feel personal liability for security failures.

Cybersecurity control failures can cost businesses around £10 billion per year, with around two-thirds of organizations suffering a security breach in the past year because policies, governance, or controls failed or did not work effectively.

According to research from Panaseer, this is leading to 72 percent of security leaders taking out personal indemnity insurance to protect themselves from the consequences of security failures.

Jonathan Gill, CEO at Panaseer, said: “Some CISOs have been forced to plaster over the cracks with personal indemnity insurance: but this treats the symptoms without addressing the causes. If this blame game culture continues whilst CISOs are left powerless to provide accurate assurances, many will leave the industry – either of their own volition, or at the behest of courts.”

Also, 75 percent of security leaders feel they have greater personal liability for security failures now compared to two years ago. “It’s understandable that security leaders have mixed feelings about having greater liability,” said Gill.

“For some, it will sharpen the mind – raising standards across the industry. For others, it’ll pile more pressure onto an already demanding role. Ownership, accountability, and responsibility are positives in cybersecurity, but if those tenets go too far, they put undue stress on individuals, rather than the collective. The industry must avoid putting a target on a single person’s back. CISOs shouldn’t be made scapegoats for security incidents, whilst ignoring all the good work they do.”

Dan Raywood, Senior Editor, SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
