Singapore – 90% of organisations were hit with at least one major cyber attack in the last year, with 83% of security leaders have paid ransoms to their attackers during cyberattacks, according to data security and IT software provider Splunk’s 2023 global CISO survey which covered 350 security leaders in total as respondents.

According to the report, more than half of the respondents paid at least $100,000, and every 1-in-11 paid a staggering $1 million or more.

Specifically, numerous industries experienced ransomware attacks that significantly impacted their systems and business operations, including financial services (59%), retail (59%) and healthcare (52%). The retail industry is the most likely to pay the ransom, with 95% of respondents reporting they either paid directly, through cyber insurance or a third party.

While all regions reported paying the ransom, APAC was more likely to pay $1 million or more as compared to its counterparts, and also suffered the most from disruptive cyber attacks.

Notably, 86% of surveyed chief information security officers (CISOs) believe that generative AI will alleviate skills gaps and talent shortages on the security team, filling labour-intensive and time-consuming security functions and freeing up security professionals to be more strategic. 35% percent report using generative AI for positive security applications and an additional 61% will likely use it within the next 12 months.

On the other hand, 70% of CISOs also believe generative AI could give cyber adversaries more opportunities to attack, yet 35% are already experimenting with it for cyber defence including malware analysis, workflow automation and risk scoring.

CISOs also overwhelmingly responded that tool sprawl is a major concern, likely adding to existing visibility issues. Majority say they see a need to rein in security analysis and operations tools with solutions like security orchestration, automation and response (SOAR), security information and event management (SIEM) and threat intelligence. CISOs are looking to decrease the number of tools they use and simplify processes with automation.

The report also mentioned that CISOs and organisations are now prioritising cybersecurity, with 47% of organisations now adding CISOs as part of the C-suite, and 93% of respondent CISOs expecting an increase in their cybersecurity budget over the next year. Additionally, 92% of respondents report either a significant or moderate increase in cybersecurity collaboration between security teams, IT and engineering organisations, largely driven by initiatives like digital transformation, cloud native development and a greater emphasis on risk management.

Jason Lee, CISO at Splunk, said, “The C-Suite and board of directors are increasingly relying on CISOs for guidance across a sophisticated threat landscape and changing market conditions. These relationships provide CISOs the opportunity to become champions who strengthen an organisation’s security culture and lead teams to become more cross-collaborative and resilient.”

“By communicating key security metrics, CISOs can also guide boards on adopting emerging technologies, such as generative AI, to help improve cyber defence management and prepare for the future,” he added.

Singapore – When it comes to marketing strategies, thought leadership content may not be looked to as the most reliable, with its nature not necessarily one to be said as a ‘hard sell’. 

For one, thought leadership content banks on the bulk and credibility of content rather than, say, the impact and swiftness of creative copy. Thought leadership would also of course at the onset, require thought leaders, and this alone takes a process to establish or develop; however, when it comes to chief information security officers (CISOs) as consumers, the persuasion of thought leadership may be stronger than it is given credit for. 

According to research by Code Red, a global PR-communication security network, which surveyed 52 IT security decision-makers in Singapore, about 46 percent of CISOs in the country claim to have used thought leadership content when making a final decision to appoint a cybersecurity company. 

Furthermore, even if a deal has already been agreed on, thought leadership remains a paramount guide, with 38 percent of the surveyed CISOs increasing their business with an existing supplier because of strong thought leadership. 

According to the study, 83 percent of CISOs in Singapore would pay a premium to work with cybersecurity vendors that are simply thought leaders. 

Indeed, cybersecurity companies have a lot to learn from this insight. Not only is it an effective tool in building trust among potential customers, it’s that it also presents as a reliable way to manage retention among consumers, showing to be influential in every stage of the customer buying life cycle among CISOs.  

The effectiveness of thought leadership may be owed to the sophisticated nature of both the consumer and the vendor of this situation, with cybersecurity naturally being a complex product. The study just further proves that cybersecurity vendors ought to treat such type of content as a whole funnel tactic, rather than just top-line awareness. 

Studying further on how CISOs locate trusted thought leadership content, the research found three key approaches they use: independent research using keywords, reviewing content shared by friends or family, and reading trade media publications. 

“This ‘trusted triangle’ is the gateway between thought leadership and its target audience,” said Code Red. 

The study found that 73 percent of CISOs in Singapore measure credibility based on whether the content provides detailed information on the subject that they are interested in, with the same volume of respondents – 73 percent – confirming that IT and cybersecurity trade media is their preferred format of content.

Robin Campbell-Burt, CEO at Code Red, comments on the findings, “Thought leadership is a fundamental prerequisite for successful marketing campaigns, and the report findings are testament to that. Establishing yourself as an industry thought leader is no mean feat as it takes effort and persistence, but those who commit themselves to this marketing approach will gain an important competitive advantage and build value for stakeholders in their own business.”