Nearly half (45%) of companies do not employ a Chief Information Security Officer (CISO) as part of their security strategy. Of this group, 58% of security, IT and compliance professionals think their company should hire a CISO. Only 40% of respondents stated their cybersecurity strategy was developed by a CISO or member of the security team, with 60% relying on other parts of their organization, including IT, executive leadership and compliance.
A survey from Navisite polled 130 security professionals in the U.S. to determine their perceptions on the state of cybersecurity leadership and readiness within their organizations. The report, titled "The State of Cybersecurity Leadership and Readiness," found that more than 80% of respondents described their job title as either executive leadership or management, with more than 60% of respondents coming from mid-sized organizations between 100-5,000 employees.