CISOs expect Cybersecurity problems to only increase in 2020

Security firm FireEye surveyed over 800 CISOs and other senior executives across North America, Europe, and Asia to help benchmark where we are with Cybersecurity defences

Posted 5 November 2019 by

Cybersecurity firm FireEye says over half (51%) of organisations it recently contacted don’t think they’re set up to handle a cyber attack or breach event.

The findings are contained in its first-ever FireEye Cyber Trendscape Report, which also shows that 56% of those polled expect the risk of cyber threats to only increase next year.


To compile its report, the firm surveyed over hundreds of CISOs (Chief Information Security Officers) globally to better understand their attitudes towards some of the most prevalent topics in cybersecurity today.

Globally, participants consistently identified the same solutions as having the most positive impact on their ability to prevent a cyber attack.

So vulnerability management and security software took the lead (slightly above 16%). Employee training was the third (14%), followed by response plans and security hardware (both slightly above 12%).

When it came to Cybersecurity investment areas with the greatest potential positive impact to an organisation’s ability to prevent a cyber attack or breach, French-based participants were the only ones to identify “employee training” as their top priority, if they did not have constraints.

Furthermore, research revealed that 1% of those surveyed in France do not have an employee Cybersecurity training program in place, compared to the global average of slightly above 11%.

In contrast, 25% of organisations in Germany and 23% in Canada report not having employee Cybersecurity training in place. These numbers are especially concerning, says the company, “considering that a cyber attack can often result from just one employee clicking on a single hyperlink”.

Some of its other key findings include:

  • Breach readiness has room for improvement Nearly 29% of organisations with cyber attack and breach response plans in place have not tested or updated them in the last 12 or more months
  • The vast majority (76%) plan to increase their Cybersecurity budget in 2020. 
    The greatest number of U.S. participants (39%) indicated budgetary increase plans of 10% or more, followed by the UK (30%) and Korea (22%)
  • Varying global viewpoints
    • Japanese businesses to prioritise detection capabilities in 2020
    • South Korean CISOs believes nation states to be “most likely source of cyber attacks”
    • US takes the lead in transitioning to the cloud
    • Germany and Japan express concerns regarding cloud security
    • France believes employee training to be a top protection measure.

The FireEye Cyber Trendscape Report was commissioned by FireEye and delivered by Kantar, an independent market research organisation.

Results were derived from an online survey fielded in July-August 2019 for a total of over 800 responses spanning across North America (US and Canada), Europe (France, Germany and the UK) and Asia (China, Japan and South Korea).

Setup questions were used to ensure that only Cybersecurity executives were in the sample, which was defined as those at the C-level or above, ‘Vice President’, or ‘Senior Director’ level.

“Our new FireEye Cyber Trendscape Report highlights the overall beliefs and perceptions of senior leaders regarding top cyber security priorities for 2020 and beyond, as well areas where they differ across the globe,” claimed Eric Ouellet, Global Security Strategist at the company.

“These critical data points will help organisations to bring focus and clarity to their cyber security programs, while helping to expand the dialogue with senior leadership and the board.”