Businesses still lagging behind the cyber security risk

Businesses still lack the skills and resources to ensure robust cyber-security, a survey of C-level executives and other information security leaders from around the world has found.

EY Global Information Security Survey 2015 surveyed 1,755 C-level executives and other information security executives from 67 countries. With more than half (57%) of the respondents saying skills gaps and lack of resources are risking cyber-security.

Worryingly, this figure is up by 4% in comparison to 2014, which demonstrates that companies are not "adapting" to the cyber-environment according to EY.

Adding to the concern, 88% of respondents do not believe their information security structure fully meets their organization’s needs, the research found.

Elsewhere the banking and capital markets sector (representing 16% of the overall surveyed individuals) consider loss or leakage of data as a top security concern, while 20% agree malware is a likely source of attack.

Speaking to this magazine, co-author of the report and EY Global cyber security leader Ken Allan agrees that intrusive software is an obstacle to financial businesses, but there are far greater risks out there.

"The top priority for EY is the protection of customer data", Allan said. "No matter what industry you are in, protect what is of value."

Allan says effective malware protection will identify attacks on financial businesses’ data, so energy is better placed to improve the overall prevention strategy of a company.

"Businesses should develop a laser-like focus on cyber security and make the required investments", Allan said. "The only way to make the digital world fully operational and sustainable is to enable organizations to protect themselves and their clients and to create trust in their brand."

Moreover, EY’s survey respondents say a lack of executive awareness or support is the main obstacle to securing the company’s information, while 69% agree more money should be spent on cyber security.

Respondents view criminal syndicates as the biggest threat to security breaches, while their own staff members came second.

EY Global risk leader Paul van Kessel has said businesses should not wait to become victims. "Instead, they should take an ‘active defense’ stance, with advanced security operations centers that identify potential attackers and analyze, assess and neutralize threats before damage can occur."

The survey also finds that businesses are falling short in thwarting cyber attacks, with more than half of the respondents’ businesses lacking a dedicated function to deal with new technology and its potential impact.

Companies are now most concerned with phishing scams, with 44% of respondents ranking this as their top threat, and malware malfunctions (43%).

Franchesca Hashemi

Companies Intelligence

Franchesca Hashemi

BOKS International adds 7 new firms in Q1

IECnet welcomes a new member in Qatar

Regulation: The number one concern amongst audit firms

MSI hosts International Specialist Interest Group Festival