Three in five global board members view generative AI as a security risk

**Ryan Kalember, Executive Vice President of Cybersecurity Strategy at Proofpoint.**

Proofpoint, Inc., a leading cybersecurity and compliance company, recently released its second annual Cybersecurity: The 2023 Board Perspective report, which explores board of directors’ views on the global threat landscape, cybersecurity priorities, and relationships with CISOs.

The findings reveal that nearly three-quarters (73%) of those surveyed feel at risk of a material cyber-attack, a notable increase from 65% in 2022. Likewise, 53% feel unprepared to cope with a targeted attack, up from 47% the previous year. Interestingly, recent research from Proofpoint illustrates similar sentiments are shared by CISOs in the Middle East, with 55% of KSA CISOs and 75% of UAE CISOs admitting they feel at risk of experiencing a material cyber-attack in the next 12 months. Half of CISOs in the Middle East believe their organisation is unprepared to cope with a targeted cyber-attack.

This year-over-year change may reflect the ongoing volatility of the threat landscape, including lingering geopolitical tensions and rises in disruptive ransomware and supply chain attacks. The emerging risk of artificial intelligence (AI) tools such as ChatGPT may also be contributing to these sentiments: 59% of board members believe generative AI is a security risk for their organisation.

Global board members have those concerns even though 73% view cybersecurity as a priority, 72% believe their board clearly understands the cyber risks they face, and 70% believe they have adequately invested in cybersecurity.

The Cybersecurity: The 2023 Board Perspective report examines global, third-party survey responses from 659 board members at organisations with 5,000 or more employees across different industries. In June 2023, more than 50 board directors were surveyed in each market in each of the following 12 countries: the U.S., Canada, the UK, France, Germany, Italy, Spain, Australia, Singapore, Japan, Brazil, and Mexico.

The report explores three key areas: the cyber threats and risks boardrooms face, their level of preparedness to defend against those threats, and their alignment with CISOs based on the sentiments Proofpoint uncovered in our 2023 Voice of the CISO report. We found a similar year-over-year increase in the number of CISOs who feel at risk and unprepared, and a closer alignment than before between board directors and security leaders.

“The newfound alignment between board members and their CISOs on cyber risk and preparedness is a positive sign that the two sides are working closer together and making progress. However, this growing alliance hasn’t yet delivered significant changes in cybersecurity posture, despite boards feeling good about the time and resources they’re investing to combat this risk”, said Ryan Kalember, Executive Vice President of Cybersecurity Strategy at Proofpoint. “Our findings show that it remains a challenge to translate increased awareness into effective cybersecurity strategies that protect people and data. Growing even stronger board-CISO relationships will be instrumental in the months ahead so directors and security leaders can have more meaningful conversations and ensure they’re investing in the right priorities”.

Key global findings from Proofpoint’s Cybersecurity: The 2023 Board Perspective report include:

Generative AI has the boardroom’s attention: with tools such as ChatGPT getting much of the spotlight in recent months, 59% of those surveyed view this emerging technology as a security risk to their organisation.
Year-over-year comparison shows board members’ increasing concerns about cyber risk: 73% of those surveyed feel their organisation is at risk of a material cyber attack, compared to 65% in 2022.
Awareness and funding do not translate into preparedness: 73% of directors agree that cybersecurity is a priority for their board, 72% believe their board clearly understands the cyber risks they face, 70% think they have adequately invested in cybersecurity, and 84% believe their cybersecurity budget will increase over the next 12 months; however, these efforts are not leading to better preparedness—53% still view their organisation as unprepared to cope with a cyber attack in the next 12 months.
Board members and CISOs have similar concerns about their biggest threats: board members ranked malware as their top concern (40%), followed by insider threat (36%) and cloud account compromise (36%). This is only slightly different from CISOs’ top concerns of email fraud/BEC (33%), insider threat (30%), and cloud account compromise (29%).
Directors are not completely aligned with CISOs in the areas of people risk and data protection: while most directors (63%) and CISOs (60%) agree that human error is their biggest risk, board members are much more confident in their organisation’s ability to protect data—75% of directors share this view, compared to only 60% of CISOs.
Bigger budgets, additional cyber resources, and better threat intelligence top boardrooms’ wish lists: 37% of board directors said their organisation’s cybersecurity would benefit from a bigger budget, 35% would like to see more cyber resources, and 35% would like better threat intelligence.
Board-CISO interactions and relationships are gradually improving: 53% of directors say they interact with security leaders regularly. While an increase from last year’s 47%, it still leaves nearly half of all boardrooms without strong CISO-C-suite relationships. Board members and CISOs are generally closely aligned when they do interact, however, with 65% of board members saying they see eye-to-eye with their CISO and 62% of CISOs agreeing. From a regional lens, previous Proofpoint research shows that 63% of CISOs in the UAE and 45% of CISOs in KSA agree that board members saw eye-to-eye with them on cybersecurity issues.
Personal liability is a concern for boards and CISOs alike: 72% of board directors expressed concern about personal liability in the wake of a cybersecurity incident at their own organisation—and 62% of CISOs agree.

“Board members are taking cybersecurity matters seriously, demonstrating they have no illusions about human risk and the impact cyber threats pose to an organisation’s bottom line. They are making strides in their relationships with security leaders, understanding that strong board-CISO partnerships are more critical than ever”, said Kalember. “But this is not a time to grow complacent. Boards must continue to invest heavily in improving preparedness and organisational resilience. This means pushing for even deeper, more productive conversations with CISOs to ensure directors are making informed, strategic decisions that drive positive outcomes”.

To download Cybersecurity: The 2023 Board Perspective report, please visit: https://www.proofpoint.com/us/resources/white-papers/board-perspective-report

Survey reveals misalignment between cybersecurity and business goals in the UAE and KSA

Bybit opens global headquarters in Dubai on the heels of 50% increase in user base

DIFC Courts reinforces its commitment to sustainability following expansion of its digital infrastructure

NETSCOUT adds new data centre presence in Dubai with added Arbor Cloud Capabilities

Dubai ranks as the second most crypto-ready city in the world

LinkShadow reinforces its commitment to Saudi Arabia

Huawei Cloud’s Riyadh launch boosts Saudi tech advancement

Cisco unveils new data centre to enhance security services in Saudi Arabia

Survey reveals misalignment between cybersecurity and business goals in the UAE and KSA

Google Cloud announce significant new collaboration with Saudi Pharmaceuticals giant

KROHNE delivers insights to inspire the next generation of engineers in Oman

Oracle supports major project to accelerate Oman digital economy

Ooredoo accelerates cybersecurity in Oman with new deal

Omantel selects Ericsson to manage its nationwide multi-vendor networks

Oman TRA shares plans to accelerate 5G deployment

BDB launches “tijara” platform for SMEs

Bahrain achieves full nationwide 5G coverage

Batelco, SonicWall launch integrated security solutions for SMEs in Bahrain

Bahrain to offer COVID-19 test results on WhatsApp, Facebook Messenger

Infor supports Bahrain’s digital transformation

Infopercept opens its first Middle East office in Kuwait

Microsoft Compliance Manager now available in Kuwait

Commercial Bank of Kuwait gets mobile payments moving with Thales Digital Solutions

Ooredoo chooses Fortinet to deliver secure SD-WAN managed services in Kuwait

Zain rolls out first-ever 5G roaming service in MENA

Looking for the best label solutions in South Africa? Go OKI!

OKI is only going bigger in the South African market!

Huawei honours Women in Tech at Apps UP 2022

Amazon payment services launches in the MENA region

Egypt turns to AI to deliver COVID-19 diagnosis service to People of Determination

Vertiv extends partnership with MDS SI Group to enhance digital infrastructure solutions

Bosch sees 21% sales surge in the Middle East

“AI has been in Google’s DNA from the beginning – we are an AI-first company” – Tarek Khalil, Google Cloud

How companies can future-proof their business with Web3

“Diversity, equity and inclusion are a core part of our culture and values at AWS” – Yasmine Afifi

Gender Lens investing vital to economic recovery

Virgin Hyperloop unveils location for Hyperloop certification centre

TikTok taps Oracle as secure cloud provider

Zoom gets security boost with Keybase acquisition

Why collaboration is the answer to the successful roll-out of 5G

OPSWAT invests $10 Million in scholarship learning program to help close cybersecurity skills gap

Alef Education showcases the Alef Metaverse to improve climate education at COP28

Bybit and AUS unveil the tech talents of tomorrow

How digital education solutions can help students achieve their full learning potential

Seeds for the Future 2023: Huawei gathers ME & CA’s brightest ICT talent in Qatar

Huawei launches ground-breaking solar inverter at World Future Energy Summit

Middle East Energy to further boost their sustainability agenda

EDF UK selects Dynatrace to keep the power flowing

KROHNE harnessing the power of analytics to drive energy transformation

“All of us are pulling in the right direction for a better tomorrow” – Frank Janssens, VP at KROHNE

Above and ‘Beyon’ – New Money SuperApp launched in the UAE

New cross-border payments platform Digit9 launches in the UAE

Hub71 partners with global economic transformation specialist on MENA start-up ecosystem

Spheroid Universe coin to be listed on MEXC exchange

DIFC Innovation Hub launches AccelerateHER program

Innovating Finance: UAE’s Pioneering Role in the Blockchain and Crypto Landscape

Pioneering Sharjah’s Digital Revolution

Interview: Shaping a Secure World

Dubai Chamber of Digital Economy scouts Asia for tech start-ups

Government leaders from IT sector honoured at GovTech Innovation Awards

Dubai Science Park study backs R&D localisation amid projected surge in UAE healthcare spending

MarkiTech expands GCC footprint

MoHAP Launches Health Sector’s First National Centre of Excellence for AI

Korian Benelux future-proofs residential Care with AI-driven solutions

SAS accelerates responsible innovation efforts with new collaborations

Digitalisation key to accelerating construction development in Middle East, says Trimble

R&M Introduces First Single Pair Ethernet System to Support Middle East Smart Building Trend

To ‘upsmart’ your building, start with the elevator

Renters searching for homes online surge amid coronavirus fears

Emirati tech entrepreneur launches new app to ease Dubai’s rental woes

Brands Beware: The Application Generation Demands Seamless Digital Experiences

Opinion: Brands must respond to meet heightened customer expectations

Thriwe: Enhancing the Omni-channel experience

Navigating the Festive Cyber Landscape: Ensuring Online Safety during Holiday Shopping

Celebrate the Dubai Shopping Festival with Eros Electronics’ exclusive deals

Interview: OTIFYD’s intelligent approach to cybersecurity

Extreme Introduces Hub for Research, Development and Innovation in Networking

Interview: AI continues to strengthen cyber defence

Help AG Unveils Top Digital Threats and Trends in Cybersecurity

AVEVA launches CONNECT, the world’s leading industrial intelligence platform, at Hannover Messe