2022 Voice of the CISO

The Year Cybersecurity Went Prime Time

As high-profile attacks disrupted supply chains, made headlines and prompted new cybersecurity legislation, 2021 proved to be another challenging time for CISOs around the world.

DarkSide’s ransomware attack on Colonial Pipeline shut down fuel supplies for much of the U.S. East Coast. The Conti group brought Ireland’s health service to its knees and shut down hospitals. Revil ransomware halted production at the world’s largest meat processor, JBS. The REvil group also hit cloud-based managed service provider platform Kaseya. That attack had a ripple effect, compromising other managed service providers that used the company’s remote management software.

And those were just a few of the countless incidents that kept security professionals busy.

These high-profile breaches had profound economic and security implications. They once again showed the world just how vulnerable critical infrastructure and supply chains can be when targeted by cyber criminals. The exorbitant ransom demands in some incidents also led governments to weigh regulations banning payments to cyber crime groups.

With the impact of the pandemic on security teams gradually fading in 2021, another issue reared its head: The Great Resignation. Workers quit in droves or opted out of returning to the workforce—with considerable consequences for information protection and insider threats. Finally, closing the year, the Log4j flaw allowed attackers to execute code and take control of vulnerable device s, disrupting Amazon Web Services (AWS), Cisco, IBM and VMware, among others.

For 2022, we face the most unstable geopolitical landscape Europe has seen in decades, and CISOs are also left to ponder the impact of hybrid warfare on their security posture.

To gauge the mindset of cybersecurity professionals during this challenging time, Proofpoint surveyed 1,400 CISOs from around the world, inviting them to share their firsthand accounts of the past 12 months and offer their insights for the future.

This second annual report explores how CISOs are adjusting in the wake of pandemic disruption, adapting strategies to support long-term hybrid work and battling an increasingly sophisticated threat landscape. We also examine how people put organizations at risk and how CISOs change priorities in response. Finally, we delve into the changing role of the CISO and how they cope with increasing and evolving demands.

This report would not have been possible without the participation of cybersecurity and information security practitioners across the globe. Thank you once again for your insights and feedback.

Lucia Milica, Global Resident CISO at Proofpoint