BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Cyberattacks greatest threat to survival of UK businesses today

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 12 Nov 2013 00:07:47 -0700
http://www.ciol.com/ciol/news/199440/cyberattacks-threat-survival-uk-businesses

With the majority of UK responding businesses reporting an increase in
external threats and with 96 percent fearing that their information
security functions not fully meet their needs, cyberattacks pose the number
one threat for UK businesses, according to a new survey released by EY
today.

Under cyberattack, EY's 16th annual Global Information Security Survey 2013
tracks the level of awareness and action by companies in response to cyber
threats and canvases the opinion of over 1,900 senior executives globally.

In the UK, 66 percent of respondents report the number of security
incidents within their organisation has increased by at least 5 percent
over the last 12 months. Many have realised the extent and depth of the
threat posed to them; resulting in information security now being ‘owned'
at the highest level within 62 percent of the organisations surveyed.

Mark Brown, Information Security director at EY, comments: "This year's
results show that while businesses are faced with a rising number of
security breaches, budget constraints and talent shortages mean that they
fail to put in place those systems that match their needs.

"As a result, for UK businesses, this is no longer an issue of whether they
will be attacked - the reality is that organisations need to now focus
their efforts on determining when the attack took place and identifying
that they fell victim to the cyber threat in the first place."

Information security departments feel the pinch
With just a quarter of respondents planning to increase their budget by 5
percent or more in the next 12 months, enabling them to channel more
resources toward innovating solutions that can protect them, 69 percent of
information security professionals continue to feel that their budgets are
insufficient and cite them as their number one challenge to operating at
the levels the business expects.

Struggle with a lack of skilled resources
Although information security is focusing on the right priorities, in many
instances, the function doesn't have the skilled resources or executive
awareness and support needed to address them.

In particular, the gap is widening between supply and demand, creating a
sellers' market, with 66 percent of respondents citing a lack of skilled
resources as a barrier to value creation. Similarly, 28 percent of
participants indicated a lack of executive awareness or support as an issue.

Brown comments: "A lack of skilled talent is a global issue. It is
particularly acute in the UK, where Government and companies are fiercely
competing to recruit the brightest talent to their teams from a very small
pool. As a result, while organisations feel they are addressing the right
priorities, many indicate that they do not have the skilled resources to
support their needs."

Looking ahead, he concludes: "Organisations must undertake more proactive
thinking, with tone-from-the-top support. Greater emphasis on improving
employee awareness, increasing budgets and devoting more resources to
innovating security solutions is needed. The pace of technology evolution
will only accelerate - as will the cyber risks and by not considering risks
until they arise gives cyber attackers the advantage, jeopardizing an
organisation's survival."

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Previous By Date Next
Previous By Thread Next

Current thread: