Organizations Still Not Adequately Prepared for Cyber Despite Rise in Global Awareness

Credit: Getty Images

Organizations are still not addressing cybersecurity issues adequately enough despite high awareness of the risks of attacks, a new study said.

For example, in a study of 2,700 executives and IT security professionals in 17 countries, 20 percent of the U.S. respondents said their organizations had been hit by a ransomware attack but 40 percent had no plans to up their cybersecurity defense spending, according to Thales, a Paris, France-based security provider, in newly released research. Moreover, in the U.S. slightly more than half (52%) of organizations have a formal ransomware response plan in place while worldwide less than half (48%) have that level of preparedness.

Thales’ researchers categorized the study’s results by data exposure, cloud adoption and future threats. Here are some of the key U.S. findings:

  • 24% of U.S. respondents said they have paid or would pay a ransom for their data.
  • Malware was the leading source of attacks (53%), followed by ransomware (49%) and phishing/whaling attacks (42%).
  • Of those IT respondents globally who were attacked, 55% say their internal operations were impacted, including 19% who said they were significantly affected and required remediation.

Here are some global highlights:

  • Financial loss, such as lost sales and legal expenses, has been or would be the greatest impact from a ransomware attack, according to 23%. Others include lost productivity (19%), recovery costs (18%), data exfiltration (16%), brand reputation (11%) and customer loss (7%).
  • 22% of respondents worldwide said they have paid or would pay a ransom for their data.
  • 41% of respondents worldwide say they have no plans to change security spending.
  • 28% have added additional budget for ransomware tools.

Here are some of the study’s findings on data visibility.

  • 34% of IT leaders in the U.S. said they are very confident about where their data is being stored, down 3% from the prior year’s study.
  • Only 16% said they have complete knowledge of where it is stored.
  • 43% of U.S. IT leaders failed a compliance audit in the past 12 months.

Here are some of the study’s findings on cloud adoption:

  • 40% of U.S. respondents use more than 50 software-as-a-service (SaaS) applications, including 21% who use more than 100 apps.
  • 51% of U.S. IT leaders said it is more complex to manage privacy and data protection regulations in a cloud environment than in on-premises networks within their organization.
  • 33% of U.S. respondents said that roughly half of their workloads and data reside in external cloud. 29% report more than 60%.
  • 42% of U.S. respondents say they are slightly or not at all confident that their current security systems can effectively secure remote work.

And, some data on what’s to come:

  • 24% in the U.S. said broad cloud security tool sets are the greatest future spending priority.
  • 34% in the U.S. said they expect to prioritize spending on key management in the future, with Zero Trust an important strategy for 32%.
  • On security threats from quantum computing, 57% in the U.S. are concerned with risk of network decryption, followed by key distribution (53%) and future decryption of today’s data (52%).
Return Home

No Comments

Leave a Reply

Your email address will not be published.