Is Sharing Data With the Government a Good Idea?
-
Is Sharing Threat Data With the Government a Good Idea?
Sharing threat info with the public sector is considered acceptable, but many organizations oppose granting the government backdoor access to encrypted systems. -
Top Cyber-Threats to Organizations in 2016
Social engineering: 52%, Insider threats: 40%, Advanced persistent threats: 39%, Cyber-crimes: 32%, Unpatched systems: 31% -
Virtual Problem
23% of survey respondents say that virtualized servers pose the biggest security risk to their data center environment, while 18% cite virtualized networking. -
Prudent Pairing
44% say their organization has added two-factor authentication to improve security within their virtualized data centers, and 29% have initiated dual-person approvals for certain actions. -
Staffing Surge
Nearly half say their organization plans to hire more cyber-security pros this year. -
Red Alert
38% believe there is a "high" likelihood that a cyber-security attack disrupts critical infrastructure—such as an electrical grid or water supply system—in 2016. -
Shared Knowledge
57% are in favor of the U.S. Cybersecurity Act of 2015, which encourages the sharing of threat information between the private sector and the government. -
Off-Limits
63% say governments should not have backdoor access to encrypted information systems. -
Significant Tradeoff
59% feel that privacy is being compromised in the effort for stronger cyber-security regulations/legislation. -
Transparent Stance
84% are in favor of regulation that would require businesses to notify customers about a data breach within 30 days of its discovery. -
Image Issue
Despite support for breach disclosures to customers, 57% of survey respondents say concerns over corporate reputation present great challenges in issuing such notifications.
When assessing the most foreboding of cyber-threats for 2016, CIOs and other tech professionals and managers rank social engineering and insider threats at the very top, according to a recent survey from ISACA, the global IT and cyber-security association. In addition, many indicate that virtualized servers and networks pose significant risks to their data center environment, and they're turning to two-factor authentication to respond to the potential issue, among other remedies. Overall, results convey a cyber-security landscape that's getting increasingly complex for enterprise leaders—one involving a broad range of technical, political and human-driven challenges. While most survey respondents believe, for example, that the private and public sectors should share threat information, they do not feel they should grant the government backdoor access to their encrypted information systems. They're in favor of regulation that would require companies to notify customers about a data breach within 30 days of its discovery. But they worry that such disclosure could cause irreparable reputational damage. Given the escalating presence of threats as a whole, it's not surprising that a great deal of IT pros say their company will boost security staffing this year. An estimated 2,920 ISACA members worldwide took part in the research.