Businesses Expect Cybersecurity Risks to Grow in 2015
A recent survey of companies with cybersecurity needs found a high level of consensus among decision-makers that more cyberattacks are expected in 2015 as compared to the past year. The poll involved 649 IT and cybersecurity professionals and is called "The State of Cybersecurity: Implications for 2015." It was conducted by IT security standards organization ISACA and the RSA Conference, which provides information about cyberthreats and educational resources for businesses. The joint effort found 82 percent of organizations expect to have a malicious attack committed against their servers in 2015. That's somewhat more than the response given to the same question in 2014, when 77 percent of companies had this expectation.
The major manpower issues behind the perception
There were some specific problems mentioned by respondents in their responses to the survey. One issue that affects nearly all businesses with sensitive assets is the lack of available workers to fill IT positions. While the field has developed into an increasingly popular career choice as computers become more integral to operations, demand is significantly outstripping supply. Slightly more than a third of the survey's participants said they have had significant trouble filling open IT positions. A general feeling that many applicants don't have the precise knowledge needed to truly keep servers secure, or that the IT workers would not be able to grasp certain aspects of business operations, was also noted.
Just more than half of the respondents told ISACA and the RSA Conference that finding qualified IT employees is a major challenge and source of consternation. A similarly revealing statistic from the study is only 16 percent of companies have found that more than half of all applicants are qualified for the positions for which they have applied.
"The State of Cybersecurity study reveals a high-risk environment that is being made worse by the lack of skilled talent," said Robert E. Stroud, CGEIT, CRISC, international president of ISACA, in a blog post on the organization's website.
Positive growth in some areas
Despite some serious concerns related to getting qualified IT professionals on staff, a few of the statistics from the study indicated some progress. More businesses are understanding that they have to dedicate reasonable amounts of employee time and financial resources to cyber defense. Specifically, 56 percent said they plan to dedicate more budget space to cybersecurity in 2015 than they had in previous years. In addition, 63 percent of respondents said their executive boards have provided an adequate level of funding for such concerns. Other responses to survey questions about executive recognition of cybersecurity as a business priority and the development of the chief information security officer as a senior leadership role also indicate some beneficial developments for companies.
Cybersecurity needs expanding in scope
Political news site The Hill pointed to a need for stronger security measures related to virtual assets because of how quickly computers and the Internet are connecting previously analog portions of daily life. Because additional machines and technology are connected to each other through the Internet of Things on both the consumer and industrial levels, there's a growing need for strong protection beyond the server rooms of businesses. This is one area that may become a larger, more pressing problem if education and training for cybersecurity professionals doesn't quickly catch up with the times.
Of course, a solid strategy for defending against cyberthreats doesn't stop with hiring and training. Businesses need to have the right safeguards in place as well. Using a system such as NC4 Mission Center allows companies to securely collaborate and share sensitive information in a variety of business situations.
Thanks for contacting NC4! A member of our team will be in touch with you shortly.