Tenable Network Security recently released its annual “Global Cybersecurity Assurance Report Card,” which assessed organizations’ ability to understand cybersecurity risks and mitigate threats. The security firm queried 700 global security practitioners for this cybersecurity survey, assigning grades based on respondents’ country and industry.
Confidence Plummeting, Cybersecurity Survey Says
The survey found declining scores in confidence indices across the board for enterprise threat awareness. Respondents cited cloud and mobile as the weakest areas form a security standpoint. Additionally, the report detailed decreasing risk assessment scores for containerization platforms (52 percent), DevOps environments (57 percent) and mobile devices (57 percent). All factors that failed the assessment either perform computing or access data in the cloud.
According to Tenable, the pace of change regarding cloud adoption and the technology’s ubiquity have made it harder for security professionals to see what lives on their networks. Without that critical information, it is difficult to accurately assess risk.
Respondents also cited problems related to older and well-used technology. Confidence in the “security of web applications” dropped to 62 percent from last year’s 80 percent rating. Another contributing factor may be the increased media attention surrounding cybersecurity incidents over the past few years.
When the survey results were broken down geographically, India tallied the highest risk assessment score, while Japan ranked last in that category, CSO Online reported. According to Tenable strategist Cris Thomas, this discrepancy may be due to the percentage of companies in each country that handle their own security.
For example, Indian companies outsource security at a much higher rate, which “gives them the sense that they’re paying someone else to handle it, and they think they’re more secure.” Japanese companies, by contrast, rarely outsource. These organizations are more knowledgeable about their security issues because they handle them directly.
The survey is an interesting snapshot of the security perception situation, but don’t use it to predict long-term trends just yet. We’ll have to wait until it has been around for at least two years to note any major trends.