The devastating May 2021 ransomware attack that shut down Colonial Pipeline Co.’s East Coast pipeline has created a heightened sense of urgency for nervous C-suite executives and corporate boards. Cybersecurity budgets were already expected to be steep in 2021, and high-profile hacks, such as SolarWinds and Colonial Pipeline, have historically resulted in “blank-check” cybersecurity mandates.
To put this new focus on cybersecurity into perspective, consider Proofpoint’s 2021 Voice of the CISO Report. According to the report, 64% of surveyed CISOs feel at risk of suffering a material cyberattack in the next year, and slightly more CISOs (66%) believe their organization is unprepared to cope with a targeted cyberattack in 2021.
While awareness is also on the rise, boardroom support has not yet caught up, according to the report. A majority of CISOs said they are more concerned about the repercussions of a cyberattack in 2021 than they were the previous year, according to the report. Although most CISOs generally agree (67%) that the expectations on their function are excessive, only 25% of global CISOs strongly agreed that their board sees eye-to-eye with them on cybersecurity issues.
“CISOs hold a business-critical function, now more than ever,” said Ryan Kalember, EVP of cybersecurity strategy for Proofpoint. “The findings from our report emphasize that CISOs need the tools to mitigate risk and develop a strategy that takes a people-centric approach to cybersecurity protection to address ever-changing conditions, like those experienced by organizations throughout the pandemic.”
Together, the survey results show this is an historic opportunity for cybersecurity vendors ready to step up and engage business leaders looking for solutions.
Cybersecurity vendor FireEye seems up to the task. It was the first to sound the alarm on SolarWinds with U.S. law enforcement after discovering the far-reaching security compromise back in December 2020. It was also brought in to respond to the Colonial Pipeline attack, as reported by Reuters in May 2021. This gives FireEye a legitimate head-start in the race to win the trust of the C-suite. The new focus by C-suite executives on ransomware attacks, such as the one inflicted upon Colonial Pipeline, has caused “an increase in upselling to better and more full intelligence packages once they know that they don’t have the intelligence that they need,” according to Sandra Joyce, EVP and head of global intelligence at FireEye.
Not to be outdone, vendors such as Everbridge, a software firm focused on business continuity, have focused on engaging C-suite decision-makers looking to shore up their cybersecurity agendas. CEO David Meredith noted on a May 2021 conference call that the company is engaging with CIOs, and sometimes empowered CTOs, CSOs and digital officers.
“We can say, ‘Look, we have one platform to support your entire enterprise across all digital and physical risks and remediation,’” Meredith said.
Okta CEO Todd McKinnon said his company is addressing what’s top-of-mind with C-level executives, from driving growth to reducing costs and future-proofing their businesses.
“They have to manage this new environment, implementing an identity solution that meets their complex technology needs," McKinnon said.
Fortinet CFO Keith Jensen discussed his company’s efforts in responding to C-suite concerns, specifically related to cybersecurity, during an April 2021 earnings call with analysts.
“Security is top of mind for so many companies right now,” Jensen said. “CIOs and CISOs focus on security for a lot of different reasons.”
While cybersecurity and digital transformation have been a priority across a number of industries, oil and gas has been a notable exception. But today, oil-and-gas companies see cybersecurity measures as a competitive advantage, according to Suzanne Lemieux, the American Petroleum Institute’s manager of operations, security and emergency response policy.
“You can’t be in business right now if you’re not taking cybersecurity seriously,” Lemieux said in a recent WSJ article.
Now more than ever, engaging the C-suite directly around this mission-critical issue is of the upmost importance to tech vendors as energy leaders navigate 2021’s many challenges.