Light Dark
June 12, 2018 By Shane Schick 2 min read

While much of what happens in a modern business depends on how data moves back and forth across the corporate network, concern about network security has risen by 71 percent in the past year, according to a recent survey of chief information officers (CIOs). Despite this growing awareness, however, only 22 percent of respondents said they felt prepared for a cyberattack.

The report showed that the role of IT leaders, which includes everything from selecting hardware and software applications to digitizing business processes, is more difficult than ever thanks to the ever-expanding list of cybersecurity risk management challenges. In fact, 78 percent of chief information officers (CIOs) described the systems they use for cybersecurity risk management as only “moderately effective.”

Cybersecurity Risk Management Lags Despite Growing Concern

The findings of the “KPMG/Harvey Nash CIO Survey 2018” reflect how security leaders’ perception of data protection has changed given the evolution of cybercrime from random acts of information theft to sophisticated malware, ransomware and distributed denial-of-service (DDoS) attacks. For instance, 77 percent of survey respondents cited the threat of organized cybercrime as their greatest concern.

The survey results revealed a disconnect between the number of CIOs who are worried about their ability to defend corporate networks against malicious third parties and insider threats and the number of security leaders who are taking meaningful action. While 23 percent of respondents said they have increased their emphasis on security since 2017, the number of CIOs who cited managing risk and compliance as an area of focus rose by only 12 percent.

The Skills Gap and GDPR Create New Risk Management Challenges

The report suggested that the cybersecurity skills shortage might be contributing to this disconnect. The dearth of security and resilience skills, for instance, increased by 25 percent year-over-year. The good news, according to the report, is that cybersecurity risk management is quickly becoming a top priority for board directors.

It’s also worth noting that the report’s authors conducted their research as the General Data Protection Regulation (GDPR) was about to take effect. Despite all the cybersecurity risk management requirements included in the regulation, 38 percent of survey respondents admitted that they would not be ready for the since-passed deadline.

 |  |  |  |  |  |  |  |  | 
Shane Schick
Writer & Editor

More from

April 16, 2024

Obtaining security clearance: Hurdles and requirements

3 min read - As security moves closer to the top of the operational priority list for private and public organizations, needing to obtain a security clearance for jobs is more commonplace. Security clearance is a prerequisite for a wide range of roles, especially those related to national security and defense.Obtaining that clearance, however, is far from simple. The process often involves scrutinizing one’s background, financial history and even personal character. Let’s briefly explore some of the hurdles, expectations and requirements of obtaining a…

April 15, 2024

CISA releases landmark cyber incident reporting proposal

2 min read - Due to ongoing cyberattacks and threats, critical infrastructure organizations have been on high alert. Now, the Cybersecurity and Infrastructure Security Agency (CISA) has introduced a draft of landmark regulation outlining how organizations will be required to report cyber incidents to the federal government. The 447-page Notice of Proposed Rulemaking (NPRM) has been released and is open for public feedback through the Federal Register. CISA was required to develop this report by the Cyber Incident Reporting for Critical Infrastructure Act of…

April 11, 2024

Ransomware payouts hit all-time high, but that’s not the whole story

3 min read - Ransomware payments hit an all-time high of $1.1 billion in 2023, following a steep drop in total payouts in 2022. Some factors that may have contributed to the decline in 2022 were the Ukraine conflict, fewer victims paying ransoms and cyber group takedowns by legal authorities.In 2023, however, ransomware payouts came roaring back to set a new all-time record. During 2023, nefarious actors targeted high-profile institutions and critical infrastructure, including hospitals, schools and government agencies.Still, it’s not all roses for…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature