2015 is nearly three week young and I am afraid we are going to see more of the same exposures as we did in 2014. Not much has changed in organizations. They are fundamentally following the same tactics and techniques to ‘defend’ against adversaries as they have for the past several years. The CISO still reports to the CIO in most organizations seeing security still as a technical issue. CISOs battle the CIO quietly trying to move security to the forefront only to be pushed to the back of the pack in the name of features and functionality. CISOs continue to beg for financial table scraps and the scraps they do get are used to double down on existing technology. The same technology that is failing them now but with a new twist or new buzzwords describing really what they cannot do. And since organizations still see the issue as a technology problem, the CISO gets a budget that is a single digit percentage of the overall IT budget.
Why cybersecurity will suffer the same fate in 2015 as it did in 2014 | CSO Online