We all have heard and read how the pandemic has disrupted our lives, how it has accelerated digital transformation to an unprecedented extent and how it challenged the existing security policies and practices. The question is how the people responsible for fortifying their organizations experienced the whole situation.

Letter from the frontline

The ClubCISO community has surveyed its members to understand how CISOs and organizations in general reacted to this crisis. If there is a lesson to be learnt, this is that organizations need to always be prepared and resilient. Crises come and go, new risks will always emerge, but the goal of every organization should be to continue operations even under the harshest conditions.

The ClubCISO 2021 Information Security Maturity Report is like a letter from the frontline. There was never a time before that CISOs were more important to an organization than the past year. “This past year has told us that CISOs and the wider security function are making a tremendously important impact. They just need to maintain momentum, while ensuring their jobs are still enjoyable and their people are still motivated,” notes Tom Berry, ClubCISO Advisory Board Member in the report’s executive summary.

That increased importance of the CISO function is demonstrated in the survey findings – only 14% of organizations still fail to view infosec as important as CISOs do. It was the CISO who managed to prepare and protect their organization to cope with the demands of the pandemic: 88% of the participants admit that their existing capabilities coped with COVID19, while 66% believe that their organization’s security posture improved or remain unchanged during the pandemic.

To achieve this level of resilience, culture plays an important role. This is indicated by the survey findings: 61% of the respondents reported that the existing organizational (Read more...)