Companies Expect Cyber-Attacks but Aren't Prepared

 
 
By Karen A. Frenkel  |  Posted 07-21-2017 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Companies Expect Cyber-Attacks but Aren't Prepared
    Next

    Companies Expect Cyber-Attacks but Aren't Prepared

    Most security leaders expect a cyber-attack to strike this year, but many of them are unprepared and struggling to keep pace with the threat environment.
  • Previous
    Increase in Cyber-Attacks in 2016
    Next

    Increase in Cyber-Attacks in 2016

    53% of the security leaders surveyed reported a year-over-year increase in cyber-attacks for 2016, but only 46% of the respondents have confidence in their cyber-defense teams.
  • Previous
    Changing Threat Entry Points
    Next

    Changing Threat Entry Points

    IoT overtook mobile as a primary focus for cyber-defense, as 97% of organizations saw a rise in the use of networked devices. Cyber-security professionals need protocols to safeguard these new threat entry points.
  • Previous
    Malicious Attacks
    Next

    Malicious Attacks

    78% of the security leaders surveyed reported malicious attacks that impaired their operations or user data.
  • Previous
    Ransomware Thrives
    Next

    Ransomware Thrives

    62% of respondents reported ransomware attacks, but only 53% have a formal process to address them.
  • Previous
    Security Controls Not Tested Routinely
    Next

    Security Controls Not Tested Routinely

    Only 31% of the security leaders surveyed said they routinely test their security controls, and 13% never test them. 16% do not have an incident response plan.
  • Previous
    CISOs Struggle to Fill Jobs
    Next

    CISOs Struggle to Fill Jobs

    65% of respondents employ a CISO, up from 50% the prior year, but they continue to struggle to fill cyber-security jobs. Only 30% received at least 10 applicants for an open position, and less than half of them were qualified.
  • Previous
    Meager Training Budgets
    Next

    Meager Training Budgets

    Though organizations understand that security training is critical to addressing skills gaps, 25% of surveyed companies have training budgets of less than $1,000 per security team member
  • Previous
    Biggest Skills Gaps
    Next

    Biggest Skills Gaps

    Ability to understand the business: 52% Technical skills: 25% Communication Skills: 17%
  • Previous
    Budgets Growth Slows
    Next

    Budgets Growth Slows

    50% of the security leaders surveyed expect budget increases this year, but that's down from 61% last year.
 

According to the "State of Cyber-Security 2017" research study from the Independent Systems Audit and Control Association (ISACA), 80 percent of survey respondents expect a cyber-attack to strike their organization this year, but many remain unprepared and are struggling to keep pace with the threat environment. "There is a significant and concerning gap between the threats an organization faces and its readiness to address those threats in a timely or effective manner," said Christos Dimitriadis, ISACA board chair and group head of information security at Intralot. "Cyber-security professionals face huge demands to secure organizational infrastructure, and teams need to be properly trained, resourced and prepared." The survey compiled information from 600 security leaders around the world. The report is the second part of a series on cyber-security. The first part of this ISACA study was released in January 2017 and reported that security leaders continue to struggle to fill cyber-security positions.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register