Proofpoint’s Voice of the CISO 2021 Report unpacked

Proofpoint’s Voice of the CISO 2021 Report has revealed that more than two-thirds of UK CISOs feel unprepared to cope with a cyberattack.

Leading cybersecurity and compliance company Proofpoint has released its inaugural 2021 Voice of the CISO report, which examines the key challenges facing CISOs after one of the most unprecedented years in living history. 

The report at a glance

This year’s report surveys over 1,400 CISOs from medium and large-sized companies across 14 countries: the US, Canada, the UK, France, Germany, Italy, Spain, Sweden, the Netherlands, UAE, KSA, Australia, Japan, and Singapore.

“Last year, cybersecurity teams around the world were challenged to enhance their security posture in this new and changing landscape, literally overnight. This required a balancing act between supporting remote work and avoiding business interruption while securing those environments,” commented Lucia Milica, global resident CISO at Proofpoint. 

“With the future of work becoming increasingly flexible, this challenge now extends into next year and beyond. In addition to securing many more points of attack and educating users on long-term remote and hybrid work, CISOs must instil confidence among customers, internal stakeholders, and the market that such setups are workable indefinitely.”

The survey has three key areas of focus: 

  • The types of cyber threats that CISOs face daily
  • The requirements in the future to support a hybrid workforce as businesses reopen offices.
  • Employee education and preparedness in cybersecurity.

The report also takes a look at the challenges CISOs face in their roles, as well as the expectations of their teams. 


There are some clear trends emerging from the report. Key findings from UK respondents include:

CISOs are on high alert to a wealth of threats 

In the age where it is not a case of if but when concerning cyber attacks, 81% of surveyed UK CISOs feel at risk of suffering a material cyber attack in the next 12 months. This is the highest percentage globally. Insider threats, Cloud Account Compromise, and DDOS attacks comprised the three key types of attacks that CISOs are concerned about. 

Concern for cyber preparedness is still high

With the introduction of remote working and advancement towards hybrid working, 68% of UK CISOs feel their organisation is unprepared to cope with a targeted cyberattack in 2021. Half of the UK CISOs that took part in the survey have expressed a greater concern for a cyber attack in 2021, as opposed to 2020. 

Education on cyberattacks isn’t always enough 

Though 61% of employees feel that their workforce is educated in preventing cyberattacks, CISOs still consider human error (62%) and purposefully leaking data (criminal insider attack) as two of the primary ways in which employees could damage the business. 

Entering the age of hybrid work 

While the evolution of hybrid work has been met with enthusiasm from employees across office-based industries, there is still a considerable concern for company attacks. Since the coronavirus outbreak and the move to remote work, 60% of British CISOs have revealed that they have seen an increase in targeted attacks in the last year. 

High risk, high reward for attackers

According to Proofpoint’s report, CISOs believe that cybercrime will be both more profitable and riskier than before, with 71% of UK CISOs believing that cybercrime will become even more profitable for attackers, and 61% believe that cybercrime will become even more profitable it will also become riskier for cybercriminals.

The pressure on the CISO has never been higher 

With the move to remote work, the rise in cyberattacks, and some cases they need for drastic digital transformation, CISOs role in the company is more valuable than ever, which is reflected in the report. 66% of UK CISOs agree that expectations on their function are excessive.


“The ‘good enough’ approach of the past 12 months will simply not work in the long term: with businesses unlikely to ever return to pre-pandemic working practices, the mandate to strengthen cybersecurity defences has never been more pressing,” said Ryan Kalember, executive vice president of cybersecurity strategy for Proofpoint. 

“CISOs hold a business-critical function, now more than ever. The findings from our report emphasise that CISOs need the tools to mitigate risk and develop a strategy that takes a people-centric approach to cybersecurity protection and emphasises awareness training to address ever-changing conditions, like those experienced by organisations throughout the pandemic.”

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

Unlock the Power of WiFi 6: How To Leverage It...

TBT Newsroom • 01st March 2023

Are you tired of being left behind in the technological world? Well, fear not! WiFi 6 is here to save the day and bring your business into the future. With unprecedented speeds and a host of new capabilities, WiFi 6 is the must-have technology for any business looking to stay ahead of the curve.