December 6, 2016
By Larry Loeb 2 min read

Tenable Network Security recently released its annual “Global Cybersecurity Assurance Report Card,” which assessed organizations’ ability to understand cybersecurity risks and mitigate threats. The security firm queried 700 global security practitioners for this cybersecurity survey, assigning grades based on respondents’ country and industry.

Confidence Plummeting, Cybersecurity Survey Says

The survey found declining scores in confidence indices across the board for enterprise threat awareness. Respondents cited cloud and mobile as the weakest areas form a security standpoint. Additionally, the report detailed decreasing risk assessment scores for containerization platforms (52 percent), DevOps environments (57 percent) and mobile devices (57 percent). All factors that failed the assessment either perform computing or access data in the cloud.

According to Tenable, the pace of change regarding cloud adoption and the technology’s ubiquity have made it harder for security professionals to see what lives on their networks. Without that critical information, it is difficult to accurately assess risk.

Respondents also cited problems related to older and well-used technology. Confidence in the “security of web applications” dropped to 62 percent from last year’s 80 percent rating. Another contributing factor may be the increased media attention surrounding cybersecurity incidents over the past few years.

Geographical Differences

When the survey results were broken down geographically, India tallied the highest risk assessment score, while Japan ranked last in that category, CSO Online reported. According to Tenable strategist Cris Thomas, this discrepancy may be due to the percentage of companies in each country that handle their own security.

For example, Indian companies outsource security at a much higher rate, which “gives them the sense that they’re paying someone else to handle it, and they think they’re more secure.” Japanese companies, by contrast, rarely outsource. These organizations are more knowledgeable about their security issues because they handle them directly.

The survey is an interesting snapshot of the security perception situation, but don’t use it to predict long-term trends just yet. We’ll have to wait until it has been around for at least two years to note any major trends.

 |  |  |  |  |  |  | 
Larry Loeb
Principal, PBC Enterprises

Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE mag...

More from

Risk Management   March 28, 2023

Remote Employees: Update Your Routers (and More WFH IT Tips)

As a business owner or manager, you must ensure your employees have the right tools and resources to do their jobs well — especially with more people working from home. And IT infrastructure is one of the most important considerations regarding remote work.However, the truth is that most employees don’t think about their IT infrastructure until something goes wrong. In many cases, this can leave an employee stranded and unable to complete their tasks. In a worst-case scenario, this reactionary…

News   March 27, 2023

More School Closings Coast-to-Coast Due to Ransomware

Instead of snow days, students now get cyber days off. Cyberattacks are affecting school districts of all sizes from coast-to-coast. Some schools even completely shut down due to the attacks. The federal government recently warned that K-12 schools face a growing threat from cyber groups. According to the FBI, school districts often have limited cybersecurity protections, which makes them even more vulnerable. The FBI also says it anticipates the number of threats to increase. In a recent warning, the nation’s…

Risk Management   March 27, 2023

The Role of Human Resources in Cybersecurity

The human resources (HR) department is an integral part of an organization. They work with all departments with a wider reach than even IT. As a highly visible department, HR can support and improve an organization’s security posture through employee training. Their access to employees at the start of employment is an opportunity to lay a foundation for a culture of risk awareness. HR departments do not typically include cybersecurity risk awareness training with new hire onboarding, but it’s something…

Risk Management   March 24, 2023

New Attack Targets Online Customer Service Channels

An unknown attacker group is targeting customer service agents at gambling and gaming companies with a new malware effort. Known as IceBreaker, the code is capable of stealing passwords and cookies, exfiltrating files, taking screenshots and running custom VBS scripts. While these are fairly standard functions, what sets IceBreaker apart is its infection vector. Malicious actors are leveraging the helpful nature of customer service agents to deliver their payload and drive the infection process. Here’s a look at how IceBreaker…

© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature