BlackFog: Personal Liability Concerns Impact 70% of Cybersecurity Leaders

San Francisco, CA, 12 December 2024 — BlackFog, the leader in ransomware prevention and anti data exfiltration (ADX), today unveiled its research conducted with UK and US IT Security decision makers¹ .

The research revealed that the majority of respondents, 70%, felt that stories of CISOs being held personally liable for cybersecurity incidents has negatively affected their opinion of the role.  Around a third of respondents, 34%, believed that the trend of individuals being prosecuted following a cyberattack was a ‘no-win’ situation for security leaders: facing internal consequences if they report failings and prosecuted if they don’t.

However, as cybersecurity leaders face increased scrutiny from regulators, the research also indicated that the increased accountability has led to internal changes to improve cybersecurity practices within their organization: 44% of respondents stated that their organization had already implemented processes to reduce their cybersecurity exposure, as a result.

The other key findings show: 

• 41% of respondents say the trend of cybersecurity leaders facing increased scrutiny and the potential of personal liability has made the Board take cybersecurity more seriously. This was higher amongst UK respondents, with 47% of security leaders in the UK agreeing it was given greater consideration as a result, versus 35% in the US.
• This has yet to translate into more resources, as only 10% of all respondents stated that this has resulted in additional money devoted to cybersecurity.

• Nearly half of all respondents, 49%, believe that the potential for an individual to be prosecuted following a cyberattack would improve accountability and transparency amongst cyber professionals. This was higher for respondents in the US (55%) compared with those in the UK (43%).
• When asked about the impact on the cybersecurity leaders of the future, however, only a small proportion of respondents, 15%, believed that it would be deterrent for IT professionals to become CISOs.

Commenting on the findings, Dr. Darren Williams, CEO and Founder, BlackFog said: “The role of the CISO is all about managing risk for the organization but, as regulations tighten, security leaders increasingly need to consider their own personal risk. High profile instances of individuals being charged will no doubt add to the pressures they feel but could also be a catalyst for Boards to support their leaders. Improvements to governance, clear lines of reporting and incident response procedures are vital, but this must be supported by allocated resources so that security leaders can implement the security measures they need.”

Founded in 2015, BlackFog is a global cybersecurity company that has pioneered on-device anti data exfiltration (ADX) technology to protect companies from global security threats such as ransomware, spyware, malware, phishing, unauthorized data collection and profiling. Its software monitors enterprise compliance with global privacy regulations and prevents cyberattacks across all endpoints. BlackFog uses AI to preemptively prevent hackers from exploiting vulnerabilities in enterprise security systems and data structures.

BlackFog recently won the “Best Threat Intelligence Technology” in the 2024 Teiss Awards, “AI-based Cybersecurity Innovation of the Year” award in the CyberSecurity Breakthrough Awards, as well as a Gold award in the Cybersecurity Excellence Awards for Best Virtual CISO Offering, a Silver award for Ransomware Protection and Most Innovative Cybersecurity Company in 2023. BlackFog also won a Globee award in 2023 for the State of Ransomware report which recognizes outstanding contributions in securing the digital landscape.

BlackFog’s preventative approach to security recognizes the limitations of existing perimeter defense techniques and neutralizes attacks before they happen at multiple points in their lifecycle. Trusted by corporations all over the world, BlackFog is redefining modern cybersecurity practices. For more information visit https://www.blackfog.com

Code Red Communications

BlackFog@Coderedcommunications.com

¹ Methodology

The results from this survey are from an online survey Sapio Research fielded on behalf of BlackFog with IT Security Decision Makers in companies of over 500 employees across the UK (200) and US (200). The research was conducted in July 2024.