Cyber-attacks pose high risks for organisations as common attacks remain successful in exploiting vulnerabilities already known to the organisations, and only 12% think they are likely to detect a sophisticated cyberattack, according to a survey by EY.

The 20th annual EY Global Information Security survey (GISS) of 1,200 C-suite level leaders from global organisations found that malware (64% compared to 52% last year) and phishing (64% compared to 51% last year) were perceived as the rising threats of the last 12 months. Although, the threat of internal attacks, and attacks to steal financial information, IP or data have dropped. Additionally, 77% agreed the vulnerability of careless or unaware employees was the most likely attack source.

Currently, 75% of respondents rated the maturity of their vulnerability identification as “very low to moderate” and 12% have no formal breach detection program in place, with 35% describing these policies as ad-hoc or non-existent. Therefore, 56% are concerned about increasing cyber threat impacts and are planning to change their strategies due to increasing cyber threats, risks and vulnerabilities from increased connectivity and technology.

However, 87% of respondents said they require 50% more funding in order to address this, and 90% expect higher budgets this year, with 12% expecting to receive an increase of more than 25%. However, in order to improve preparedness, 52% do have a Security Operations Center (SOC) and 43% have an informal threat intelligence program.

While 50% said that they report to the board regularly, only 24% said the person with responsibility for cybersecurity sits on their board and 17% think boards have sufficient cybersecurity knowledge for oversight. Twenty percent admitted they did not have enough current information on security implications and vulnerabilities to conduct a review.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.