Experts in Cybersecurity: Kirsty Paine, Field CTO and Strategic Advisor at Splunk

Why Trust Techopedia

In a wide-ranging interview, Techopedia speaks with Kirsty Paine, field CTO and strategic advisor at Splunk, about the changing role of the CISO. Paine also weighs in on the ever-evolving cybersecurity landscape, the top cyberthreats companies are facing today, and how they can create effective cybersecurity strategies.

Techopedia meets with Kirsty Paine, field CTO and strategic advisor at Splunk, a cybersecurity and observability company, to talk about the changing role of the chief information security officer (CISO), the ever-evolving cybersecurity landscape, the top cyber threats companies are facing today, and how they can create effective cybersecurity strategies. We also explore Paine’s work with the World Economic Forum.

On the Changing Role of the CISO

Q: How has the CISO role changed in recent years?

Kirsty Paine - Splunk
Kirsty Paine

A: In our recent CISO report, 86% of respondents said that the role has changed so much since they became a CISO that it’s almost a different job. Organizations increasingly recognize the strategic importance of security, so CISOs are not necessarily the deep security specialists they used to be.

In fact, more CISOs are coming from other technology teams or business areas. And they now have a prominent seat at the boardroom table, establishing them as true peers and opening lines of communication with other C-suite executives. A case in point is our recent CISO report, which reveals that 47% of CISOs report directly to their CEOs.

This breakthrough has allowed organizations to prioritize integrated security as a central business function, but it is not an easy adjustment. Board members are becoming more active security stakeholders and requesting that CISOs justify their investments.

This isn’t a bad thing, as it shows that leaders are willing to listen and allocate higher budgets for the upcoming year ahead (even if it is still not enough).


Q: How can CISOs better align with the rest of the C-suite and their boards?

A: CISOs are working to better communicate their priorities and initiatives to the board in light of the rapid changes we see across the cyber landscape and growing attack surface.

According to our findings, 90% of CISOs report that their governing boards care about different key performance indicators (KPIs) and security metrics today compared to two years ago.

To align with the C-suite, CISOs must establish relevant, controllable, ‘trendable’ metrics that boards care about. These metrics often focused on risk, include the return on investment of security investments, security testing results, and the opportunity to purchase cyber insurance. That’s because boards may not know security but will always understand money, loss, and risk.

Q: What critical attributes do people aiming for careers in cybersecurity need?

A: Those working in the cybersecurity industry must prioritize collaboration and be adaptable.

The industry today is not the same as it was 20, 10, five — even two years ago — so adaptability is key.

Technology leaders are increasingly responsible for giving organizations an edge through innovation, and security leaders are no different – they must be able to communicate how to strengthen the business while maintaining or introducing fundamental security procedures to combat the constantly changing threat landscape.

Unfortunately, security, engineering, and IT teams often still work too separately to realize these gains and give their company a true technical advantage.

Collaboration has to be a top priority when the landscape evolves at the pace it does in the cyber industry, i.e., incredibly fast.

Any individual entering the security industry must be open and receptive to learning and working with other teams, which, in turn, boosts overall morale and passion for working toward a common goal.

With all hands on deck, close communication, and an energized effort, security teams are unstoppable.

The Ever-Evolving Cybersecurity Landscape

Q: How do you see AI changing the cybersecurity landscape?

A: AI will revolutionize many industries, and security is no different. In fact, 70% of CISOs believe that artificial intelligence (AI) will give attackers an advantage over defenders and increase overall mitigation risks.


But realistically, there will be a new wave of AI-enabled attacks ranging from ingenious and novel attacks that we will see come to fruition in the near future. According to SURGe, Splunk’s research team, people have a random chance of guessing if phishing is AI-generated or human-generated.

Although the risks of AI are still speculative, 35% of industry leaders we surveyed are experimenting with its use, with top uses being for workflow automation, cyber defense, malware analysis, and risk-scoring processes.

AI will ultimately accelerate the distillation of information and support different administrative aspects, making it essential for IT leaders to create AI policies and provide training on AI’s deployment and implementation.

Q: What are the top cyberthreats in different industries, e.g., healthcare, manufacturing, the tech sector, e-commerce? Are organizations doing enough to combat these threats?

A: The healthcare industry faces large numbers of cyberattacks on a regular basis, resulting in serious life-threatening outcomes that affect thousands of people in different locations. In 2023, the manufacturing industry saw the fourth-largest number of incidents behind financial, education, and public administration organizations.

Cyber threats are heavily prevalent among small and large organizations – no matter the industry. I co-host a podcast with Audra Streetman called The Security Detail, and during each episode, we examine the threat landscape in different industries.

Financial institutions are often ahead in their security maturity, but a lot of regulation expands the scope of security and refocuses it on availability, especially in Europe. I see this in the telecommunications industry as well.

I joke that security was all about the CIA triad (confidentiality, integrity, availability), but now it’s turning into AIC (availability, integrity, confidentiality), as security incidents mean downtime, and those security teams are becoming more responsible for reliable services.

Top Security Trends and Issues for CISOs

Q: What are the top three security trends and issues that CISOs and security professionals are focusing on currently?

A: 1. AI: A tool and a threat to the cyber landscape

What AI prototyping and innovation we saw in 2023 will be productionized in 2024 for both attackers and defenders. Organizations will begin to realize, recognize, and act on how the technology can benefit security teams and enhance cyber skills across the board.

While AI can increase threat scenarios, such as data leakage in large language models (LLMs), deep fakes, and social engineering, it also can address talent shortfalls, build cyber defenses, and apply resources to tasks that require some ‘intelligence.’

Even when cyber skills aren’t sorely lacking in the workforce (and they definitely are today), AI can be powerfully leveraged as the attack surface grows. AI is not just a tool for defense but also a solution to alleviate skills gaps and talent shortages.

However, we need to ensure we don’t fall into a pit of disappointment as our dreams aren’t magically realized, which many organizations have experienced in recent years with automation and cloud.

The excitement of AI can blind us to the need for proper planning, assessment of capacities, and realism about the time to achieve value. It’s not jazzy and optimistic, but it’s important.

2. Economic challenges are impacting security

Security budgets need protection to combat today’s elevated attack surface. Our recent CISO report also found that 92% percent of CISOs expect an increase in their cybersecurity budgets for 2024, while 83% see budget cuts in other areas of their organizations. This is hopeful, even if it’s still insufficient to achieve the security standard CISOs want in 2024.

There’s a flip side too. Cybercriminals are largely financially motivated, so macroeconomic trends also impact the security landscape, from a shift in the types of attacks we see from ransom to extortion. Meanwhile, 80% of CISOs say they have noticed that their companies have faced a growing number of threats coinciding with the declining economy.

3. Prioritizing organizational security collaboration and communication

In the United States, the Security and Exchange Commission (SEC)’s new cyber disclosure rules are top of mind for security leaders and executives, while in Europe, we’re focused on the NIS2 Directive.

Both regulatory pieces focus on speeding up reporting timelines of incidents, meaning more round-the-clock coverage and/or automation is needed to speed up identification, investigation, and reporting.

Leaders must prioritize internal communication, teamwork, and collaboration, not just 9am – 5pm during the weekday, but 24/7, all year round.

Q: What are the most critical factors that every company should consider in creating an effective cybersecurity strategy?

A: Be honest and realistic about your current situation and, therefore, prioritize what you need. Establish what’s important to your organization (not just in security) and determine how to support it.

Productivity for employees? Great, change your onerous password requirements and introduce [single sign-on]. Easy self-service reporting of phishing? Super, reduce risk and employee burnout at the same time. It doesn’t have to be glamorous to be effective; just make sure measurable and tangible change happens to lift the hygiene baseline.

Paine’s Work With The World Economic Forum

Q: Can you talk about your work with the World Economic Forum?

A: I am undertaking a Fellowship with the World Economic Forum for two years at its cybersecurity center. The World Economic Forum does incredible work creating open spaces for discussion and forging communities that can affect real global change and ultimately lift security for everyone.

I work on two of their five pillars (cyber resilience in manufacturing and the partnership against cybercrime), but they also have other pillars, including digital trust and quantum.

Their Annual Meeting for Cybersecurity took place in mid-November with 150 technology and security executives (imagine wall-to-wall CISOs), including Splunk’s Petra Jenner (general manager for EMEA) and Jason Lee (CISO).

We also recorded a podcast episode while we were there on their takeaways from the event, which ranged from the importance of transparency and trust to information-sharing, collaboration, and CISO mental health.

My favorite quote from the podcast was, ‘a time of crisis is not the time to exchange business cards,’ which underscores why involvement in these communities is so important.

About Kirsty Paine

Kirsty Paine is a technologist, strategist, and security specialist who has spent much of her career working in government security, European technical policy, and international technical forums. Paine thrives on understanding difficult problems and finding creative solutions, which she does often as a field CTO and strategic advisor at Splunk, providing technical thought leadership or in her current Fellowship with the World Economic Forum.

A security specialist at heart, Paine began her career as a mathematician for the UK National Cyber Security Center, working on cryptographic technologies, machine learning (ML), big data, and post-quantum security.

This role evolved into a broader security concentration with years of engaging in international technical forums, collaborating with industry, and working with UK and European policymakers on security, privacy, cryptography, AI, internet technologies, and the Internet of Things.

Understanding the importance of good technical communication, Paine can often share her opinion on stage at conferences, on The Security Detail podcast, or writing technical leadership blogs.


Related Reading

Related Terms

Linda Rosencrance
Technology journalist
Linda Rosencrance
Technology journalist

Linda Rosencrance is a freelance writer and editor based in the Boston area, with expertise ranging from AI and machine learning to cybersecurity and DevOps. She has been covering IT topics since 1999 as an investigative reporter working for several newspapers in the Boston metro area.  Before joining Techopedia in 2022, her articles have appeared in TechTarget,, TechBeacon, IoT World Today, Computerworld, CIO magazine, and many other publications. She also writes white papers, case studies, ebooks, and blog posts for many corporate clients, interviewing key players, including CIOs, CISOs, and other C-suite execs.