Risk appetites have grown for 81% of CISOs

Netskope has published a new report analyzing the evolution of the CISO role within the retail sector. ‘The Retail CISO: Bringing Balance’, is based on research with over 1,000 CISOs globally, and it explores the evolution of the retail sector CISO role as a strategic member of the executive team, comparing the sector to cross-sector averages to identify unique insights.

  • 2 months ago Posted in

81% of retail CISOs say their appetite for risk has grown in recent years (much higher than the cross-sector average of 57%), but all (100%) believe conflicting risk appetites in the C-suite are a major issue.

Less than 2% of retail sector CISOs classify their risk appetite as low

However, nearly a quarter (23%) would describe their CEOs’ risk appetite as low

Retail CISOs see interactions with the C-suite and business as a constant balancing act, with 47% reporting that most interactions are about risk and 53% countering that most are about opportunity

An overwhelming majority (98%) of retail CISOs now consider themselves to be business enablers (well above the cross-sector average of 59%), and more than four-fifths (87%) want to play a more active role as a business enabler going forward (compared to an average of 67%). 86% of retail CISOs increasingly see their role as improving business resilience, not just managing cyber risk.

Retail CISOs are clear that they want to embrace more measured, centralized decision-making processes knowing the high levels of governance involved. This again contrasts with all other sectors who saw themselves moving the other way—drawn to a model described as “agile, fast decision-making with devolved responsibility”.

One of the pathways identified by retail CISOs for achieving the sometimes conflicting goals of the C-suite is adopting a zero trust approach. More than two-thirds (72%) believe zero trust will help them balance conflicting priorities better (higher than cross-sector averages of 55%), enable their organizations to move faster (77%) and encourage more innovation (71%).

Commenting on the findings, James Robinson, Chief Information Security Officer, Netskope said:

“Over the past decade, CISOs in the retail sector have transformed themselves, and their appetite for risk - along with their confidence in their ability to transform their organization - is marked. They have clearly identified that a zero trust approach holds advantages for their organizations, and are embracing it earlier than other industries - 71% already follow zero trust principles compared to sector averages of 44%.

However, in order to elevate their standing among their C-suite peers, CISOs will need to ensure their strategic discussions do not fall back into conversations about technology tools. Communication must focus on business enablement and business risk.”

Beacon, NY, Dec 20, 2024– DocuWare unveils its AI-powered Intelligent Document Processing...
85% of IT decision makers surveyed reported progress in their companies’ 2024 AI strategy, with...
Kyndryl and WPP, the creative transformation company, have created a modern, digital workplace...
The majority (87 percent) of IT professionals agree that there is a lack of gender diversity in the...
New study by Splunk shows that a significant number of UK CISOs are stressed, tired, and aren’t...
PagerDuty has released a study that reveals service disruptions remain a critical concern for IT...
NVIDIA continues to dominate the AI hardware market: powering over 2x the enterprise AI deployments...
Skillsoft has released new research exploring organizations’ strategic priorities for 2025 and...