Companies Expect Cyber-Attacks but Aren’t Prepared
Companies Expect Cyber-Attacks but Aren’t Prepared
Most security leaders expect a cyber-attack to strike this year, but many of them are unprepared and struggling to keep pace with the threat environment.
Increase in Cyber-Attacks in 2016
53% of the security leaders surveyed reported a year-over-year increase in cyber-attacks for 2016, but only 46% of the respondents have confidence in their cyber-defense teams.
Changing Threat Entry Points
IoT overtook mobile as a primary focus for cyber-defense, as 97% of organizations saw a rise in the use of networked devices. Cyber-security professionals need protocols to safeguard these new threat entry points.
Malicious Attacks
78% of the security leaders surveyed reported malicious attacks that impaired their operations or user data.
Ransomware Thrives
62% of respondents reported ransomware attacks, but only 53% have a formal process to address them.
Security Controls Not Tested Routinely
Only 31% of the security leaders surveyed said they routinely test their security controls, and 13% never test them. 16% do not have an incident response plan.
CISOs Struggle to Fill Jobs
65% of respondents employ a CISO, up from 50% the prior year, but they continue to struggle to fill cyber-security jobs. Only 30% received at least 10 applicants for an open position, and less than half of them were qualified.
Meager Training Budgets
Though organizations understand that security training is critical to addressing skills gaps, 25% of surveyed companies have training budgets of less than $1,000 per security team member
Biggest Skills Gaps
Ability to understand the business: 52%
Technical skills: 25%
Communication Skills: 17%
Budgets Growth Slows
50% of the security leaders surveyed expect budget increases this year, but that’s down from 61% last year.
