Businesses still falling short in fight against cyber crime - EY
Many organisations still lack confidence in their ability to detect sophisticated cyber attacks and have inadequate information security in place, according to research by EY.
EY’s Global Information Security Survey 2015, Creating trust in the digital world, found that almost 90% of businesses do not believe their information security structure fully meets their needs.
69% of those surveyed said their budgets will need to be increased by up to 50% to align their organisation’s need for protection with its managements’ tolerance for risk.
Ken Allan, Global Cyber Security Leader at EY, said that organisations must address “increasingly sophisticated cyber threats”.
He said: “The only way to make the digital world fully operational and sustainable is to enable organisations to protect themselves and their clients and to create trust in their brand.”
The shifting perceptions of cyber security
The survey also saw a drop in organisations feeling vulnerable to attacks arising from unaware employees (44%) and out-dated systems (34%).
Businesses feel more threatened today by phishing (44%) and malware (43%), which top the list of biggest threats.
Paul van Kessel, Global Risk Leader at EY, said: “Cyber security is inherently a defensive capability, but organisations should not wait to become victims. Instead, they should take an ‘active defence’ stance to identify potential attackers and neutralize threats before damage can occur.”
Thwarting cyber attacks
Many of the organisations surveyed feel they are falling short in thwarting cyber attacks by taking an ad hoc approach to managing their risks and vulnerabilities, with 54% saying they lack a dedicated function that focuses on emerging technology and its potential impact on the business.
Ken Allen said: “Businesses should not overlook or underestimate the potential risks of cyber breaches. Instead, they should develop a laser-like focus on cyber security and make the required investments.”
However, making this investment is not as easy as it sounds, with many saying that there is a lack of skilled talent available for them to hire, leading them to indicate that the situation is deteriorating, rather than improving.
EY’s survey of 1,755 organisations from 67 countries examined some of the most important cyber security risks facing businesses today.