CISOs agree: The right technologies and defense in depth are the key factors in avoiding major cybersecurity breaches. It helps to have good processes and a skilled staff in place, but strong cybersecurity technologies are the most important factor to avoid data breaches.\u00a0Don\u2019t just take it from me \u2013 a large majority of respondents in a recent Forrester Consulting survey, commissioned by Fortinet, said better security technology was integral to their security successes.\u00a0The survey asked 342 CISOs and other security executives about their biggest security challenges. Topping the list was the rapidly evolving nature of cyberthreats, followed by security in the cloud, the complexity of their IT environments, and securing IoT. Not too surprisingly, more than two-thirds of the respondents reported that their organizations have been breached at some point. Those organizations breached in the last two years have been compromised an average of three times.\u00a0More than 7 in 10 of respondents who have not experienced a data breach cited better security technologies as key to their success, while more than half of those who have had breaches pointed to the same factor.\u00a0Just over half of each group pointed to better security procedures and processes as an important part of their cybersecurity programs, while about 30 percent pointed to more staff.\u00a0The findings highlight the importance of layered security, sometimes called \u2018defense in depth\u2019. Organizations that deploy 10 or more security technologies experienced few breaches, respondents reported.\u00a0Among the most popular cybersecurity technologies: threat intelligence, virtualization-aware security, network analysis and visibility, endpoint detection and response, network access control, SIEM, and endpoint prevention technologies. All those technologies were used by at least 70 percent of the respondents who said they haven\u2019t had a breach.\u00a0Beyond security technologies, outsourcing appears to be a major factor in keeping organizations safe. Those not experiencing a breach were 33 percent more likely to outsource some security functions to one or more vendors than those who have experienced a breach.\u00a0So What Action Items Should CISOs Consider?\u00a0\u00a0Organizations should build sustainable security programs led with the right technology. Companies that have avoided breaches use multiple security technologies, embrace threat intelligence-gathering services, and use support from a wide range of sources to acquire security technologies.\u00a0The Forrester report recommends that organizations focus their people and processes on supporting a \u201ctechnology-led security practice.\u201d That includes security leaders becoming more embedded with line-of-business teams and finding the right security partners, including outsourced providers.\u00a0Organizations should also explore security automation, Forrester recommended. \u201cManual processes place a higher burden on security staff to recognize and respond to threats, while automation can bring efficiencies,\u201d Forrester\u2019s report says.\u00a0Finally, CISOs and other security executives should stay up-to-date with security technologies and threats. Attend conferences, talk to your peers, and work with vendors to understand new threat intelligence technologies and methods, including Fortinet\u2019s recently announced cloud-based FortiGuard Threat Intelligence Service (TIS) designed to provide CISOs with a high-level view of the global threat landscape with insight into threat activity trends currently impacting their industry. FortiGuard TIS delivers strategic threat intelligence to ensure that CISOs have greater cyber situational awareness to apply the right security strategy and investments.\u00a0CISO\u2019s Role in Securing the Business\u00a0CISOs must continually assess their security strategies and adjust when it\u2019s needed. Tools such as FortiGuard TIS help them identify their potential security gaps to best determine plans to fix them and to measure improvements.\u00a0The role of today\u2019s CISO is rapidly evolving. CISOs need to become business managers focused on protecting their brands, strengthening their reputations, and building customer trust. They should build better connections with leaders within their own organizations, and they should look for ways security can fit into existing business process. Security must become \u201can asset \u2013 not a hindrance,\u201d Forrester says.