According to the world’s largest survey of IT leadership, the cybersecurity threat is at an all-time high, with the biggest jump in threats coming from insider attacks.
The 2017 Harvey Nash/KPMG CIO survey, the world’s largest survey of IT leadership has just been released and the findings are as relevant as ever. According to the report, digital strategies have infiltrated businesses across the globe at an entirely new level. Now in its 19th year, this year’s survey notes that cyber security vulnerability is at an all-time high, with a third of IT leaders reporting their organization had been subject to a major cyberattack in the past 24 months, an increase of 45% from 2013. What is even more alarming, is that the biggest jump in threats comes from insider attacks, increasing from 40% to 47% over the past year alone – but just 21% of IT leaders questioned responded that they are very well prepared to be able to respond to an attack.
Insufficient IT security
A recent poll among the top 500 C-level executives, echoes these sentiments. Here, a key finding was that the number one concern for top management is insufficient IT security. A staggering 57% of those polled noted that their main concern this year is a lack of IT security in their organization. Chief Information Officers (CIOs) are most worried, with 76% of them stating that a lack of IT security and cybercrime is their main concern - this coming from the one person in the company most senior and responsible for a solid IT security strategy, yet also most knowledgeable about the current risk landscape.
The survey also showed that 30% of those polled have IT security as one of their five main investment areas for the year – up from 17% in 2016 - and of them, 26% expect to increase their investment in cybercrime prevention by 10% compared to last year.
Top of mind
The cybercrime threat has undoubtedly moved closer and become top of mind for many. Cybercrime prevention is no longer merely an annual exercise to get over and done with, it is a continual piece of governance work, created and continually updated according to the organization’s risk appetite.
So what should organizations be doing to turn threat into advantage? Taking control of identities and privileges is a natural first step and improves your resilience to cyberattacks. Time and time again, security reports indicate that successful cyberattacks are the result of abuse of privileges. Managing the access to user accounts, including privileged accounts is therefore key and if this is not already being done, start now.
Get an overview of who has access to what, when and why - and who gives this access. And keep it continually updated. Governance of data means you are able to spot changes as and when they happen, but also that you are in control of the company data. Read more about Omada’s experiences here.
Read and learn more about Omada’s identity management and access governance solutions.