Risk appetites have grown for 81% of CISOs

Netskope has published a new report analyzing the evolution of the CISO role within the retail sector. ‘The Retail CISO: Bringing Balance’, is based on research with over 1,000 CISOs globally, and it explores the evolution of the retail sector CISO role as a strategic member of the executive team, comparing the sector to cross-sector averages to identify unique insights.

  • 1 month ago Posted in

81% of retail CISOs say their appetite for risk has grown in recent years (much higher than the cross-sector average of 57%), but all (100%) believe conflicting risk appetites in the C-suite are a major issue.

Less than 2% of retail sector CISOs classify their risk appetite as low

However, nearly a quarter (23%) would describe their CEOs’ risk appetite as low

Retail CISOs see interactions with the C-suite and business as a constant balancing act, with 47% reporting that most interactions are about risk and 53% countering that most are about opportunity

An overwhelming majority (98%) of retail CISOs now consider themselves to be business enablers (well above the cross-sector average of 59%), and more than four-fifths (87%) want to play a more active role as a business enabler going forward (compared to an average of 67%). 86% of retail CISOs increasingly see their role as improving business resilience, not just managing cyber risk.

Retail CISOs are clear that they want to embrace more measured, centralized decision-making processes knowing the high levels of governance involved. This again contrasts with all other sectors who saw themselves moving the other way—drawn to a model described as “agile, fast decision-making with devolved responsibility”.

One of the pathways identified by retail CISOs for achieving the sometimes conflicting goals of the C-suite is adopting a zero trust approach. More than two-thirds (72%) believe zero trust will help them balance conflicting priorities better (higher than cross-sector averages of 55%), enable their organizations to move faster (77%) and encourage more innovation (71%).

Commenting on the findings, James Robinson, Chief Information Security Officer, Netskope said:

“Over the past decade, CISOs in the retail sector have transformed themselves, and their appetite for risk - along with their confidence in their ability to transform their organization - is marked. They have clearly identified that a zero trust approach holds advantages for their organizations, and are embracing it earlier than other industries - 71% already follow zero trust principles compared to sector averages of 44%.

However, in order to elevate their standing among their C-suite peers, CISOs will need to ensure their strategic discussions do not fall back into conversations about technology tools. Communication must focus on business enablement and business risk.”

IT teams urged to resolve ‘data delays’ as UK executives struggle to access and use relevant...
Architectural challenges are holding UK organisations back - with just 24% citing having sufficient...
Skillsoft has released its 2024 IT Skills and Salary Report. Based on insights from more than 5,100...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Now Platform unites ASDA’s operations across Technology, Customer, Finance, and Employee...
The 2024 State of Data Intelligence Report finds companies struggling with AI governance more than...
Over a quarter (26%) have already turned to outsourcing as a solution.
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...