Over half of CISOs measure security program maturity monthly

Image via Unsplash

Chief Information Security Officers (CISOs) were surveyed on their security programs and risk management strategies. According to the survey, 89% of CISOs measure the maturity and performance of their full security program at least once each quarter, and more than half of CISOs measure monthly.

Thirty-three percent of CISOs are not working towards a same-day mean time to detect (MTTD), and do not have a service level agreement (SLA) to start working on mitigating risk within 8 hours of a breach.

With the average SLA for patching and resolving critical vulnerabilities remaining at 16.3 days, attackers have a favorable landscape to launch attacks and deepen their foothold.

The average mean time to respond (MTTR) CISOs report is 9 hours, with the IT industry being the fastest to respond to threats, in under 7.4 hours.

Read the full report here.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.