Light Dark
December 6, 2016 By Larry Loeb 2 min read

Tenable Network Security recently released its annual “Global Cybersecurity Assurance Report Card,” which assessed organizations’ ability to understand cybersecurity risks and mitigate threats. The security firm queried 700 global security practitioners for this cybersecurity survey, assigning grades based on respondents’ country and industry.

Confidence Plummeting, Cybersecurity Survey Says

The survey found declining scores in confidence indices across the board for enterprise threat awareness. Respondents cited cloud and mobile as the weakest areas form a security standpoint. Additionally, the report detailed decreasing risk assessment scores for containerization platforms (52 percent), DevOps environments (57 percent) and mobile devices (57 percent). All factors that failed the assessment either perform computing or access data in the cloud.

According to Tenable, the pace of change regarding cloud adoption and the technology’s ubiquity have made it harder for security professionals to see what lives on their networks. Without that critical information, it is difficult to accurately assess risk.

Respondents also cited problems related to older and well-used technology. Confidence in the “security of web applications” dropped to 62 percent from last year’s 80 percent rating. Another contributing factor may be the increased media attention surrounding cybersecurity incidents over the past few years.

Geographical Differences

When the survey results were broken down geographically, India tallied the highest risk assessment score, while Japan ranked last in that category, CSO Online reported. According to Tenable strategist Cris Thomas, this discrepancy may be due to the percentage of companies in each country that handle their own security.

For example, Indian companies outsource security at a much higher rate, which “gives them the sense that they’re paying someone else to handle it, and they think they’re more secure.” Japanese companies, by contrast, rarely outsource. These organizations are more knowledgeable about their security issues because they handle them directly.

The survey is an interesting snapshot of the security perception situation, but don’t use it to predict long-term trends just yet. We’ll have to wait until it has been around for at least two years to note any major trends.

 |  |  |  |  |  |  | 
Larry Loeb
Principal, PBC Enterprises

More from

May 3, 2024

What we can learn from the best collegiate cyber defenders

3 min read - This year marked the 19th season of the National Collegiate Cyber Defense Competition (NCCDC). For those unfamiliar, CCDC is a competition that puts student teams in charge of managing IT for a fictitious company as the network is undergoing a fundamental transformation. This year the challenge involved a common scenario: a merger. Ten finalist teams were tasked with managing IT infrastructure during this migrational period and, as an added bonus, the networks were simultaneously attacked by a group of red…

May 2, 2024

A spotlight on Akira ransomware from X-Force Incident Response and Threat Intelligence

7 min read - This article was made possible thanks to contributions from Aaron Gdanski.IBM X-Force Incident Response and Threat Intelligence teams have investigated several Akira ransomware attacks since this threat actor group emerged in March 2023. This blog will share X-Force’s unique perspective on Akira gained while observing the threat actors behind this ransomware, including commands used to deploy the ransomware, active exploitation of CVE-2023-20269 and analysis of the ransomware binary.The Akira ransomware group has gained notoriety in the current cybersecurity landscape, underscored…

May 1, 2024

New proposed federal data privacy law suggests big changes

3 min read - After years of work and unsuccessful attempts at legislation, a draft of a federal data privacy law was recently released. The United States House Committee on Energy and Commerce released the American Privacy Rights Act on April 7, 2024. Several issues stood in the way of passing legislation in the past, such as whether states could issue tougher rules and if individuals could sue companies for privacy violations. With the American Privacy Rights Act of 2024, the U.S. government established…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature