Netskope research finds financial sector CISOs have greater risk appetites today than five years ago

Netskope research finds financial sector CISOs have greater risk appetites today than five years ago

The Financial CISO: Bringing Balance report is based on research with over 1,000 CISOs globally, and it explores the evolution of the financial sector CISO role as a strategic member of the executive team, comparing the sector to cross-sector averages to identify unique insights.

The research found that the CISO role in the financial services sector is undergoing a transformation:

  • 81% of CISO respondents in the financial services sector said that their role was changing rapidly (compared with 65% across all industries).   
  • More than three-quarters (76%) of finance CISOs want to play a more active role as a business enabler going forward (compared to an average of 67%).
  • 81% of finance CISOs say their appetite for risk has grown in recent years (much higher than the average of 57%). 

However, the majority of CISOs report that there is a lag in the understanding of their potential among their C-suite peers…

  • Two in three CISOs (65%) believe that other members of the C-suite fail to see that the CISO role makes innovation possible.
  • 89% of finance CISOs said that conflicting risk appetites is an issue in their C-suite.

… but in order to bring balance to their organisation, CISOs believe that the emerging industry trend toward zero trust principles, will help them achieve it: 

  • More than two-thirds of finance CISOs (68%) believe a zero trust approach will enable them to balance conflicting priorities better (higher than cross-sector averages of 55%).
  • 78% believe that it will enable their organisation to move faster, while 68%believe it will encourage innovation.

The report also found that as financial services sector CISOs grow in confidence in their evolved role, they expect to base their decisions in the years ahead on creating a more open and flexible organisation, over a more closed and secure one, including by:

  • Anticipating prioritising flexibility for the workforce over protection of the workforce when making productivity decisions.
  • Taking more open approaches to providing the right people with access to information, data and tools they need.
  • Experimenting at speed is expected to become prioritised over a need to minimise risk.

James Robinson, CISO at Netskope, said: “The research makes it clear that CISOs in the financial sector are generally hungry to play a more proactive role that enables innovation while also protecting the business. In my experience, the best way to make CISOs more proactive partners across the C-suite is to gain deep understanding of the business challenges C-suite colleagues are focused on solving and align those to security strategies, rather than attempt to assert security strategy – or individual technology choices – on what is perceived to be C-suite risk appetite.

“Too often this alignment doesn’t occur among teams. But CISOs who are able to define the ways they are helping their C-suite peers to acquire new revenues, drive efficiencies and navigate regulatory requirements, will be recognised as valuable contributors at the highest levels.”