CISO Survey 2013: Introduction - Revision history

Tgondrom: added information about number of survey participants.

2014-02-22T18:40:02Z

added information about number of survey participants.

Tgondrom at 21:15, 6 February 2014

2014-02-06T21:15:26Z

Tgondrom at 21:14, 6 February 2014

2014-02-06T21:14:23Z

Tgondrom: included methodology

2014-02-06T21:13:39Z

included methodology

Tgondrom: Create Introductions

2014-01-06T23:30:22Z

Create Introductions

New page

[[OWASP CISO Survey|< Back to the CISO Survey main page]]

__NOTOC__

= Introduction =

Over the last years, we noticed that application security risks and threats have been on the rise and OWASP has started the CISO survey project to gather intelligence and provide it to CISOs and senior managers in order to improve their security strategies, assess their priorities and learn from their peers about what works best protecting web and application security in organizations across various industries. Although this first data set has already been collected from more than a hundred senior information security managers from around the world, to some degree the current data set was too small to be broken down into country or industry specific findings. Having said that, we found that on an anecdotal level, many of the findings appear to be consistent across a multitude of industries. OWASP will, in the coming year 2014, significantly further improve the breadth and depth of the current CISO survey and conduct it with a much wider audience around the globe.

A number of findings support common assumptions, but others clearly show where assumed general expectations have been oversimplified. The report provides insight into which risks and threats are on the rise, which challenges are most pressing for CISOs and their organizations and what techniques are particularly useful to counter application security risks.

[[Category:OWASP CISO Survey Project]]

@@ Line 7: / Line 7: @@
 == The Survey methodology and data collection ==
-The survey questionnaire consists of 26 questions, across four domain areas:
+The survey questionnaire consists of 26 comprehensive questions, across four domain areas:
 * Investments and challenges,
 * Threats and risks,
@@ Line 17: / Line 17: @@
 * Senior security management
 The population of surveyed CISOs was invited across a number of various CISO events, with a large portion of participants outside the common OWASP community. So we aimed at minimizing any OWASP specific biases, still, some small bias may remain as it is an OWASP project after all.

@@ Line 33: / Line 33: @@
 == Register to receive future updates and invitations for OWASP CISO projects ==
 If you like to receive information about future releases of the OWASP CISO Survey and related CISO projects, you can register your email address here:
 https://docs.google.com/forms/d/1DBYIpWcx6IAZNHOXufdkLZKLIQXetwgbxxd7h_mqWN0/viewform
 Your contact details will be kept strictly confidential and only used to send you updates about new releases of OWASP CISO projects and invitations to participate in the CISO Survey. And you can of course unsubscribe from this service at any time.

@@ Line 1: / Line 1: @@
 [[OWASP CISO Survey|< Back to the CISO Survey main page]]
 __NOTOC__
 = Introduction =
 Over the last years, we noticed that application security risks and threats have been on the rise and OWASP has started the CISO survey project to gather intelligence and provide it to CISOs and senior managers in order to improve their security strategies, assess their priorities and learn from their peers about what works best protecting web and application security in organizations across various industries. Although this first data set has already been collected from more than a hundred senior information security managers from around the world, to some degree the current data set was too small to be broken down into country or industry specific findings. Having said that, we found that on an anecdotal level, many of the findings appear to be consistent across a multitude of industries. OWASP will, in the coming year 2014, significantly further improve the breadth and depth of the current CISO survey and conduct it with a much wider audience around the globe.

@@ Line 4: / Line 4: @@
 = Introduction =
-A number of findings support common assumptions, but others clearly show where assumed general expectations have been oversimplified. The report provides insight into which risks and threats are on the rise, which challenges are most pressing for CISOs and their organizations and what techniques are particularly useful to counter application security risks.
+== Register to receive future updates and invitations for OWASP CISO projects ==
 [[Category:OWASP CISO Survey Project]]