"CISOs Worried About Personal Liability For Breaches"

According to security researchers at Proofpoint, over three-fifths (62%) of global CISOs are concerned about being held personally liable for successful cyberattacks that occur on their watch, and a similar share would not join an organization that fails to offer insurance to protect them.  The researchers polled 1600 CISOs from organizations of 200 employees or more across different industries in 16 countries.  The researchers found that CISOs in sectors with high volumes of sensitive data and/or heavy regulation, such as retail (69%), financial services (65%), and manufacturing (65%), are most likely to demand insurance coverage.  The researchers noted that a combination of high-stress working environments, shrinking budgets, and personal liability could be harming CISOs’ quality of life.  Some 60% told the researchers that they’ve experienced burnout in the past 12 months.  CISOs are most likely to experience burnout in the retail (72%) and IT, technology, and telecoms (66%) industries.  The researchers stated that nearly two-thirds (63%) of respondents said they have had to deal with the loss of sensitive information in the past year, with a similar number (61%) claiming their organization would not be able to cope with a targeted attack.  Email fraud (33%), insider threats (30%), cloud account compromise (29%), and DDoS attacks (29%) topped the list of concerns.

Infosecurity reports: "CISOs Worried About Personal Liability For Breaches"