The Top 3 Findings From Splunk’s CISO Report

Leadership Jason Lee

Talk about a plot twist: Eighty-six percent of CISOs say their role has changed so much that it’s practically a different job than when they first started.

Throughout my career as a CISO, I've witnessed transformational change in the cybersecurity landscape, so it’s not surprising to me that the security leaders forging the path ahead are juggling a whole new set of responsibilities now. To understand the dynamic challenges and opportunities of the CISO role, a team of us at Splunk gathered the insights of hundreds of CISOs, CSOs and other executive security leaders: surveying 350 people and conducting in-depth interviews with 20 people.

The research is published today as The CISO Report, authored by Ryan Kovar, distinguished security strategist of SURGe fame, and Kirsty Paine, field CTO and strategic advisor for EMEA. They sought to understand what it’s like to be a CISO today, from the problems keeping them up at night to the steps they’re taking to expand cross-team collaboration.

I was surprised to learn that across the board, 47% of CISOs report to the CEO, which gives them an unprecedented opportunity to advocate for strengthening the security posture of their organizations. I’ve experienced the impact that educating the board can make, whether it’s about cybersecurity needs within the business or necessary investments to help the organization better withstand cyber risks and attacks. Greater influence of CISOs among the C-suite bodes well for organizations everywhere. There is some variance among industries, however. According to our research, while financial services lagged in terms of the percentage that report to the CEO (34%), an unexpected 84% in healthcare do so.

As CISOs talk more to the CEO, CFO and others in the executive suite, they discovered those leaders care about different KPIs and security metrics today than they did two years ago. I can tell you that in my current and past CISO roles, aligning on these metrics can provide extra job security and influence funding for cybersecurity investments. In our survey, CISOs ranked ROI of security investment as the most important cybersecurity success factor with results of security testing a close second. I’d also add that metrics that determine the maturity of a security program (per the NIST cybersecurity framework) are also key, and they very much have to do with ROI on investments. If the investments boost the maturity of an organization’s cybersecurity program, that’s a quantified outcome right there.

As for the state of cyber defense, the research revealed that 83% of survey respondents paid attackers in the wake of a ransomware attack. I’ve worked with many CEOs, and I know a CEO will pay for a ransom over a loss of revenue any day of the week. Beyond ransomware, cyberattacks haven’t slowed down, as 90% of CISOs report their organization experienced at least one disruptive attack last year. This is tough, especially when you’re trying to obtain cyber insurance. Because breaches are so common, insurance prices are skyrocketing — to buy cyber insurance will cost you something just shy of having to surrender your firstborn, but close enough.

That’s just a brief snapshot of what we learned from The CISO Report, which validated and challenged some of my personal experiences as a CISO. There’s more on how AI will shape cyber defense, how organizations are building a culture of resilience and how organizations will increase cybersecurity investments.

Download the report for a complete analysis, including industry and regional highlights.

Related Articles

From Alert Fatigue to Operational Clarity: Turning Cisco Data Fabric Vision, powered by Splunk, into Agentic Operations Reality
Leadership
7 Minute Read

From Alert Fatigue to Operational Clarity: Turning Cisco Data Fabric Vision, powered by Splunk, into Agentic Operations Reality

Cisco Data Fabric helps organizations prepare data for AI, enabling people and agents to work together faster with trusted context and insights.
Cisco and Splunk Strengthen Enterprise Digital Resilience in the AI Era
Leadership
6 Minute Read

Cisco and Splunk Strengthen Enterprise Digital Resilience in the AI Era

Splunk announces innovations across its observability portfolio to provide organizations deeper visibility into their network health through integrations with Cisco, and faster troubleshooting with the help of AI.
The Top 3 Findings From Splunk’s CISO Report
Leadership
2 Minute Read

The Top 3 Findings From Splunk’s CISO Report

The CISO Report shares findings and insights on how CISOs are addressing the latest threats, keeping up with AI and changing the security culture in their organization.