The current digital environment isn't looking good for anyone from a security point of view yet even those who are expected to be at the forefront of this problem are also having a tough time handling the situation.
Even security executives of some of the biggest companies on the planet are complaining about inadequate resources, lack of regulation, poor policy implementation, and a plethora of other problems that are undermining the security of their organizations. The recent Global Information Security Survey 2021 (GISS) has uncovered some disturbing facts that have everyone concerned.
The survey that included over a thousand high-level security officials concluded that the majority of the participants are under a greater threat and facing a greater security challenge than ever before. Not only are attacks getting more complex and their ever-growing databases getting harder to protect, but even these big companies are finding it difficult to put together enough resources to invest in a comprehensive security solution.
The pandemic has changed things in the cybersecurity realm but as businesses are still trying to stabilize from this major disruption their current focus is on creating solutions and investing in technology that will protect them from similar disruptions in the future.
It is important to be prepared for extreme situations such as those that presented themselves in 2019. It is also important to understand that security is an ongoing process and a lapse in security could not only be disruptive, but it could also be fatal.
More specifically, there are a few things that cybersecurity experts need to keep on top of their agenda.
Transformation = Risk
The pandemic was and is still a time where businesses in every industry have shown a level of development, strategic thinking, and fluidity that was never thought possible. They have made changes in record time and taken steps in a matter of days that would otherwise have taken years to implement. While these developments were fantastic it also meant that they took on more risk in record time and more kinds of risk than they had ever anticipated. Focusing purely on change, development, and forward strategies leaves the gate wide open for attackers when you don’t take calculated decisions and weigh out your options.
Security Experts Aren’t Valued
Over 50% of the CISO's that were surveyed stated that they were not consulted in strategic decisions or even in decisions within the cybersecurity space. They also added that to get things off the ground executive management overlooks the importance of digital security and does what they think is right for development without considering the consequences.
The average revenue of the companies that were surveyed was more than $11 billion per year, whereas their spending on cyber security was 0.05% of that figure. Consequently, CISOs simply don’t have the budget to create an infrastructure that will support operations of the magnitude. Without finances, skill can only do so much.
CISOs agree that the role of cybersecurity is only growing in importance, but without the attention that this department needs progress cannot be made. Here, businesses are not only putting themselves at risk but are also risking the jobs of people they employ and the information of clients that they serve.