Report Finds CISOs and Boards Face Increasing Regulatory Pressure


Regulatory pressures are increasing on CISOs and boards, according to the latest Nozomi Networks report, which looks at the trends affecting operational technology (OT) and Internet of Things (IoT) cybersecurity for the first five months of 2024 and what they mean for InfoSec executives and owners/operators of critical infrastructure.

The report found that regulatory pressures are requiring CISOs and corporate boards to assume greater accountability for enterprise-wide cybersecurity, including operational technology (OT), industrial control systems (ICS) and Internet of Things (IoT) devices. Such regulatory pressure, coupled with rising cyber insurance costs and coverage restrictions, may be the forcing function needed for companies to adopt holistic strategies.

These are well-known challenges, however. CISOs are assuming responsibility for security domains they know little about that require different tools and methods. Bringing OT and IoT security into the enterprise fold means CISOs must also overcome cultural silos between InfoSec and OT engineering teams that have impeded efforts to secure the expanding attack surface. Meanwhile, OT software and hardware vulnerabilities continue to increase, threat actors are harnessing AI to stay ahead of defenders, and the geopolitical climate is intensifying.

You can read the full report here.