Last year, CIO, CSO and PricewaterhouseCoopers released a new Global State of Information Security survey, which polled more than 10,000 executives from 127 countries about IT security. The results were a mixed bag, with security incidents up 38% over 2014 but corresponding budgets rising only 24%.
The survey reflected broad thinking about how companies are trying to defend themselves from hackers as well as employees, the most often cited sources of security compromises. But despite the continued growth in hacks and other security incidents, there were some important signs that security threats aren’t being taken seriously enough at the executive level. For one, the poll found that only 45% of boards participate in overall security strategy.
Brakes for your bullet train
This finding reflects common corporate psychology that cybersecurity is a cost center and a drain on resources – a Cisco survey of over 1,000 executives also found that 74% of respondents in the U.S. said that the main purpose of cybersecurity is to reduce risk instead of enable growth. I’ve found that people tend to think of cybersecurity as costly, complex, inefficient, and a damper on productivity. Many people believe it may not actually work or mitigate risk. This can result in security measures being implemented piecemeal without any overarching policy, resulting in costly but poor integration. For the full article click here
from cyber security caucus http://ift.tt/299E69v
via IFTTT
No comments:
Post a Comment