Half of IT safety leaders do not know if their cybersecurity instruments are working, in response to a report from the Ponemon Institute and AttackIQ.
Digital transformation initiatives convey a slew of knowledge privateness issues to US well being organizations, in response to a Thales report.
Organizations throughout industries are investing closely in cybersecurity instruments and applied sciences, spending a mean of $18.four million yearly on such measures. Nonetheless, 53% of IT groups stay uncertain if the safety instruments they’ve deployed are literally working, in response to Tuesday report The Cybersecurity Phantasm: The Emperor Has No Garments from the Ponemon Institute and AttackIQ.
The report surveyed 577 US IT safety practitioners. Whereas 58% of those professionals stated their organizations will improve their IT safety price range by a mean of 14% within the subsequent 12 months, solely 39% reported getting full worth from their safety investments.
SEE: How you can get customers on board with important safety measures (free PDF) (TechRepublic)
On common, corporations deploy 47 completely different cybersecurity options and applied sciences, in response to the report. However lower than half of IT practitioners stated they’re assured that knowledge breaches might be stopped with their present investments in expertise and workers.
When requested why knowledge breaches nonetheless occur, regardless of investments in cybersecurity applied sciences, IT and safety professionals gave the next 12 causes, the report discovered:
- Attackers are persistent, subtle, effectively educated and effectively financed (70%)
- It’s troublesome to guard advanced and dynamically altering assault surfaces (66%)
- There’s a lack of enough safety workers with the required abilities (65%)
- Human error (62%)
- Incapability to stop workers from falling for a phishing rip-off (61%)
- Networks usually are not scanned steadily for vulnerabilities (58%)
- Lack of visibility into the operations of our safety program (56%)
- Lack of management over entry privileges (50%)
- System glitches (49%)
- Problem holding safety instruments up to date (48%)
- Misconfigured or incorrectly put in instruments (45%)
- Threats which have evaded conventional safety protection and at the moment are contained in the IT surroundings (39%)
Human elements—together with the sophistication of attackers, the shortage of sophistication of finish customers, and gaps in cybersecurity abilities in organizations—clearly stay a serious safety menace to the enterprise. Whereas IT and safety professionals typically look to safety instruments and applied sciences to fight this, there isn’t a substitute for robust worker coaching practices and searching for out expert cybersecurity practitioners.
For extra, try How you can make your workers care about cybersecurity: 10 recommendations on TechRepublic.