Hands Tied: Half of Organizations Say Cyber Attacks Are on the Rise, but Resource Constraints Persist
New and evolving threats combined with persistent resource challenges limit organizations’ abilities to defend against cyber intrusions, according to the second installment of ISACA’s 2017 State of Cyber Security Study . Eighty percent of the security leaders who participated in the survey believe it is likely their enterprise will experience a cyberattack this year, but many organizations are struggling to keep pace with the threat environment.
This Smart News Release features multimedia. View the full release here: http://www.businesswire.com/news/home/20170605005448/en/
More than half (53 percent) of survey respondents reported a year-over-year increase in cyberattacks for 2016, representing a combination of changing threat entry points and types of threats:
- IoT overtook mobile as primary focus for cyber defenses as 97 percent of organizations see rise in its usage. As IoT becomes more prevalent in organizations, cyber security professionals need to ensure protocols are in place to safeguard new threat entry points.
- Sixty-two percent reported experiencing ransomware in 2016 but only 53 percent have a formal process in place to address it—a concerning number given the significant international impact of the recent WannaCry ransomware attack.
- Malicious attacks that can impair an organization’s operations or user data remain high in general (78 percent of organizations reporting attacks).
Additionally, fewer than 1 in 3 organizations (31 percent) say they routinely test their security controls, and 13 percent never test them. Sixteen percent do not have an incident response plan.
“There is a significant and concerning gap between the threats an organization faces and its readiness to address those threats in a timely or effective manner,” said Christos Dimitriadis, Ph.D., CISA, CISM, ISACA board chair and group head of information security at INTRALOT. “Cyber security professionals face huge demands to secure organizational infrastructure, and teams need to be properly trained, resourced and prepared.”
The Cyber Security Resource Problem
This year’s survey respondents indicated that, while cyber security is a priority for enterprise leadership, roadblocks facing cyber security professionals remain.
The good news: more organizations than ever now employ a chief information security officer—65 percent, up from 50 percent in 2016. However, security leaders continue to struggle to fill open cyber security positions, as part 1 of this year’s State of Cyber Security report indicated, and nearly half (48 percent) of respondents don’t feel comfortable with their cyber team’s ability to address anything beyond simple cyber security issues. Additionally, more than half of all respondents say cyber security professionals lack an ability to understand the business.
Though training is critically needed to address these skill shortages, 1 in 4 organizations have training budgets of less than US $1,000 per cyber security team member. While overall cyber security budgets remain strong, fewer organizations are increasing their budgets this year. About half will see budget increases, down from 61 percent in 2016.
“The rise of CISOs in organizations demonstrates a growing leadership commitment to securing the enterprise, which is an encouraging sign,” said Dimiatridis. “But that’s not a cure-all. With the number of malicious attacks increasing, organizations can’t afford a resource slowdown. Yet with so many respondents showing a lack of confidence in their teams’ ability to address complex issues, we know there is more that must be done to address the urgent cyber security challenges faced by all enterprises.”
ISACA’s State of Cyber Security Study 2017 is available as a free download at www.isaca.org/state-of-cyber-security-2017 . Part I covers workforce issues, and part II addresses the threat landscape. This report is the latest resource from ISACA’s Cybersecurity Nexus (CSX), which provides knowledge, skills-based training and performance-based certifications, and career guidance for cyber security professionals and those looking to build cyber security skills.
Nearing its 50th year, ISACA ® (isaca.org ) is a global association helping individuals and enterprises achieve the positive potential of technology. ISACA leverages the expertise of its half-million engaged professionals in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute , to help advance innovation through technology.
Information om Business Wire
101 California Street, 20th Floor
CA 94111 San Francisco
Følg pressemeddelelser fra Business Wire
Skriv dig op her og modtag pressemeddelelser på mail. Indtast din mail, klik på abonner og følg instruktionerne i den udsendte mail.
Flere pressemeddelelser fra Business Wire
SERVIER21.6.2018 13:12 | pressemeddelelse
Servier and Taiho Announce Phase III Trial Data Demonstrates Significant Overall Survival Benefit of LONSURF® (trifluridine and tipiracil) in Patients with Metastatic Gastric Cancer
SIMSCALE21.6.2018 12:51 | pressemeddelelse
SimScale Announces a Preview Program of FDS for Simulation of Fire Scenarios in Buildings
WAREHOUSE-TERRADA21.6.2018 11:02 | pressemeddelelse
Warehouse TERRADA Forms a Three-Party Partnership with Yokohama University of Art and Design and PALAZZO SPINELLI, an Italian Institute for Art and Restoration
SMITHS-DETECTION21.6.2018 10:02 | pressemeddelelse
Further STAC Approval for Smiths Detection’s Checkpoint.Evoplus
NORDIC-BUSINESS-FORUM21.6.2018 10:00 | pressemeddelelse
President Obama is Coming to Europe to Speak at Nordic Business Forum
MORI-BUILDING/TEAMLAB21.6.2018 04:02 | pressemeddelelse
Mori Building and teamLab Launch Unprecedented Digital Art Museum
I vores nyhedsrum kan du læse alle vores pressemeddelelser, tilgå materiale i form af billeder og dokumenter, og finde vores kontaktoplysninger.Besøg vores nyhedsrum