8th Annual e-Crime & Cybersecurity Congress Spain
15th November 2022 • Hotel NH Collection Eurobuilding, Madrid
With limited resources and a talent pool drained by a surge in local tech start-ups, do CISOs need to rethink their models?
Moving to a more realistic security model
Recent research from ObservaCIBER reveals that one in six companies in Spain has suffered a cybersecurity incident. The Spanish National Institute of Cybersecurity says the country has suffered more than 150,000 cyber attacks in the last 36 months.
ObservaCIBER’s research also shows Spanish businesses are below the EU average on documenting their ICT security; and only 38% are able to manage security in-house. This suggests that resources are still a significant problem.
The effects of CISOs’ struggles are showing up in the business: that same research shows Spanish consumers’ mistrust of online security is growing faster than in the rest of the European Union, by 8 percentage points over the last year alone. In an era in which more customers than ever are moving online, no business can afford to lose trust in this way.
They are taking too long to implement critical protections and defences; and they are struggling to recruit the talent they need to improve their performance.
The challenges faced by Spanish CISOs are not unique: security is still seen by most companies as a cost to be minimized rather than an essential element of digital business strategy. And talent acquisition and retention is difficult everywhere. At last year’s e-Crime Congress Spain, 81% of attendees said that they did not have enough people in their security teams.
So, how are CISOs coping with these challenges?
Do traditional security stacks make sense or are companies having to rely more on the security tools embedded in their enterprise application suites and cloud solutions?
Is the answer to outsource security entirely to managed service providers and other third-parties?
And as truly Big Data and new digital ‘marketplace’ business models become the foundation of even SMEs’ futures, how can companies be sure that they are securing their digital future?