80% of security leaders expect to be attacked this year


By Dylan Bushell-Embling
Tuesday, 06 June, 2017


80% of security leaders expect to be attacked this year

Four in five security leaders expect a cyber attack to hit their organisations this year, but many are unprepared to defend against emerging threats, an ISACA survey indicates.

More than half (53%) of respondents to the global information security association’s State of Cyber Security study reported a year-over-year increase in cyber attacks last year.

In addition, 78% of respondents reported experiencing malicious attacks that can impair an organisation’s operations and user data.

But many organisations are struggling to keep pace with the evolving threat environment due to a lack of resources. For example, while 62% of respondents reported experiencing ransomware last year, only 53% have a formal process in place to address it.

Fewer than one in three organisations (31%) routinely test their security controls, with 13% never testing them, and 16% do not have an incident response plan, the survey shows.

“There is a significant and concerning gap between the threats an organisation faces and its readiness to address those threats in a timely or effective manner,” ISACA Board Chair Dr Christos Dimitriadis said.

“Cybersecurity professionals face huge demands to secure organisational infrastructure, and teams need to be properly trained, resourced and prepared.”

On the bright side, 65% of organisations surveyed now have a chief information security officer (CISO), up from 50% last year.

But security leaders continue to report difficulties filling open cybersecurity positions, and one in four organisations have training budgets of less than US$1000 ($1335) per cybersecurity team member, limiting their ability to train talent to bridge these skills shortages.

“The rise of CISOs in organisations demonstrates a growing leadership commitment to securing the enterprise, which is an encouraging sign, but it’s not a cure-all,” Dimitriadis said.

“With the number of malicious attacks increasing, organisations can’t afford a resource slowdown. Yet with so many respondents showing a lack of confidence in their teams’ ability to address complex issues, we know there is more that must be done to address the urgent cybersecurity challenges faced by all enterprises.”

Image credit: ©stock.adobe.com/au/Leo Lintang

Follow us on Twitter and Facebook

Related Articles

The AI regulation debate in Australia: navigating risks and rewards

To remain competitive in the world economy, Australia needs to find a way to safely use AI systems.

Strategies for navigating Java vulnerabilities

Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...

Not all cyber risk is created equal

The key to mitigating cyber exposure lies in preventing breaches before they happen.


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd