The FINANCIAL — More than one in four (28 percent) of respondents surveyed report their organizations were the victims of at least one cyberattack in the past year; nine percent report multiple breaches and an alarming 17 percent were not confident that their organizations could even detect an attack, according to a Deloitte Tech Trends poll of 1,749 business professionals.
“It’s no longer a discussion about if an organization will get hacked, but only a matter of when, and how quickly and effectively it will respond,” said Mark White, principal and chief technology officer, Deloitte Consulting LLP. “Organizations across many industries need to change the lens through which they view cyber risk – not only relying on traditional security controls to reveal tell-tale signs of an effective attack – but by considering transforming the way they defend, detect and even manage security by leveraging cyber intelligence and advanced techniques to help identify the coming threat and proactively respond.”
Additional findings from the poll include: Response times to identify and address breaches vary, with plenty of room for improvement. Almost half (48 percent) of respondents polled said their organizations identified and triaged threats within hours, while approximately one in five (21 percent) reported their organizations did so within a week, and nearly one in 10 (9 percent) said it took more than a week.
People, process and technology are ALL critical to cyber threat programs.
Respondents said the following concerned their organizations the most regarding their cyber threat programs:
infrastructure and technology (28 percent);
right talent/right skills (26 percent);
effective operational processes (24 percent) and adequate resourcing/funding (22 percent).
Consumer/personal information is highly valued by cyber criminals and organizations invest heavily trying to protect it.
Respondents put a high price tag on consumer/personal information, with approximately half (49 percent) reporting that this type of data would be of most value to cyber-criminals, followed by intellectual property (27 percent); corporate strategy information (13 percent) and financial performance information (11 percent).
Consistent with this data, more than half (55 percent) of respondents said their organizations most heavily invested in protecting consumer/personal information, followed by intellectual property (23 percent).
“Cyber security may sound technical in nature, but at its core it is a business issue. Any company’s competitive position and financial health may be at stake. Business and technology leaders need to engage in effective dialog about what the business values most, how the company can drive a competitive advantage and which information and other digital assets are the most sensitive. Brand, customer trust and strategic positioning may be at risk,” said Kieran Norton, principal, Deloitte & Touche LLP and leader of Deloitte’s U.S. cyber threat management practice. “There may be no such thing as hacker-proof, but there’s a chance to reduce your cyber beacon, be less inviting to attack and proactively establish outward- and inward-facing measures around your most valued assets.”
Discussion about this post