Security Incidents Continue to Rise in Cost and Frequency While Budgets Decrease, according to PwC, CIO and CSO’s The Global State of Information Security® Survey 2015
PR Newswire Association LLC |
"It's not surprising that reported security breach incidents and the associated financial impact continue to rise year-over-year," said
As security incidents grow in frequency, the associated costs of managing and mitigating breaches are also increasing. Globally, the estimated reported average financial loss from cybersecurity incidents was
Despite elevated concerns, the survey found that global information security budgets actually decreased four percent when compared with 2013. In fact, security spending as a percentage of IT budget has remained stalled at 4 percent or less for the past five years. "Strategic security spending demands that businesses identify and invest in cybersecurity practices that are most relevant to today's advanced attacks," explained
Organizations of all sizes and industries are aware of the serious risks involved with cybersecurity; however, larger companies detect more incidents. Large organizations – with gross annual revenues of
"Large companies have been a more likely target for threat actors since they offer more valuable information, and thus detect more incidents," said
Insiders have become the most-cited culprits of cybercrime – but in many cases, they unwittingly compromise data through loss of mobile devices or targeted phishing schemes. Respondents said incidents caused by current employees increased 10 percent, while those attributed to current and former service providers, consultants and contractors rose 15 percent and 17 percent, respectively. "Many organizations often handle the consequences of insider cybercrime internally instead of involving law enforcement or legal charges. In doing so, they may leave other organizations vulnerable if they hire these employees in the future," added Bragdon.
Meanwhile, high profile attacks by nation-states, organized crime and competitors are among the least frequent incidents, yet are among the fastest-growing cyber threats. This year, respondents who reported a compromise by nation-states increased 86 percent – and these incidents are also most likely under-reported. The survey also found a striking 64 percent increase in security incidents attributed to competitors, some of whom may be backed by nation-states.
Effective security awareness requires top-down commitment and communication, a tactic that the survey finds is often lacking across organizations. Only 49 percent of respondents say their organization has a cross-organization team that regularly convenes to discuss, coordinate, and communicate information security issues.
"Cyber risks will never be completely eliminated, and with the rising tide of cybercrime, organizations must remain vigilant and agile in the face of a constantly evolving landscape," said
To download a copy of the 2015 Global State of
NOTE TO EDITORS
Proper citation of the study is "The Global State of Information Security® Survey 2015, a worldwide survey by CIO, CSO and
METHODOLOGY
The Global State of Information Security® Survey 2015 is a worldwide study by
About CIO and CSO
CIO is the premier content and community resource for information technology executives and leaders thriving and prospering in this fast-paced era of IT transformation in the enterprise. The award-winning CIO portfolio—CIO.com, CIO magazine (launched in 1987), CIO executive programs, CIO marketing services,
CSO is the premier content and community resource for security decision-makers leading "business risk management" efforts within their organization. For more than a decade, CSO's award-winning Web site (CSOonline.com), executive conferences, marketing services and research have equipped security decision-makers to mitigate both IT and corporate/physical risk for their organizations and provided opportunities for security vendors looking to reach this audience. To assist CSOs in educating their organizations' employees on corporate and personal security practices, CSO also produces the quarterly newsletter Security Smart. CSO is published by IDG Enterprise, a subsidiary of
The Global State of Information Security® is a registered trademark of
About
About PwC US
PwC US helps organizations and individuals create the value they're looking for. We're a member of the
Learn more about
© 2014
Logo - http://photos.prnewswire.com/prnh/20100917/NY66894LOGO
SOURCE PwC US
Wordcount: | 1426 |
Advisor News
Annuity News
Health/Employee Benefits News
Life Insurance News