Phoenix, Ariz. (Oct. 24, 2019) – According to the 2019 Cybersecurity and Threat Preparedness Survey, 39 percent of respondents indicate their company is under-prepared to handle a data breach and 66 percent prefer negotiating with a used car salesperson over dealing with a breach. Commissioned by Avertium, a leading provider of managed security and security consulting services, the online survey included responses from 223 cybersecurity and IT executives in the U.S. Key findings highlight attitudes toward new technologies, threat preparedness and investment strategies for 2020.
The Avertium Cybersecurity and Threat Preparedness Survey brings to light the love-hate relationship between security and IT professionals and technology. Most professionals believe technology will be pivotal in the future of cybersecurity with nearly two-thirds (65 percent) of respondents saying that Artificial Intelligence (AI) or Machine Learning (ML) will be able to solve more problems than humans. Despite this belief, only 36 percent have deployed these technologies in their environments. This relatively low adoption rate correlates with two of the top pain points cited by respondents: managing the increasing complexity of the cyber tech stack (76 percent) and the volume and sophistication of hacks (75 percent).
The survey findings also point to the continued criticality of the human element in identifying and addressing cyber threats. More than half (52 percent) report plans to expand the cybersecurity team at their respective companies in 2020.
“Today’s cyberattacks can cost a company well over $1 million per incident. Security leaders that place too much emphasis on the latest technologies are missing out on the other four elements of a sound cybersecurity strategy,” shared Jeff Schmidt, CEO of Avertium. “People are the very first element in a pragmatic cybersecurity strategy with the other four being process, policies, technology and automation and it is good news that more than half of the companies are improving their security posture by adding to in-house capabilities or augmenting it with consultants.”
Training and Education Is Critical
Despite the increase in types of attacks and sophistication of hackers, industry professionals’ greatest concerns continue to be phishing (81 percent) and malware (67 percent). To educate employees on preventing exposure to these types of threats, more than 90 percent of companies accounted for in the survey have at least one process in place, including incorporating it in new employee orientation (63 percent) and hosting annual training sessions (46 percent). To share common signs of phishing scams, three-quarters (74 percent) of respondents send email communication and nearly three-fifths (58 percent) conduct regular phishing exercises.
· The top two greatest pain points for cybersecurity professionals are the increasing complexity of cybersecurity tech stacks (76 percent) and the volume and sophistication of hacks (75 percent), with three others in a tie for third place: third-party or partner vulnerability (66 percent), increase in vulnerability due to digital transformation (65 percent) and the cost and complexity of achieving regulatory compliance (65 percent).
- 39 percent believe their company is underprepared to handle a cyber breach
- On average, companies plan to increase investments by 36 percent in 2020
- 52 percent plan to increase their cybersecurity team in 2020
- 93 percent have formal training in place to educate employees on cyber threats
- Phishing (78 percent) and Malware (62 percent) continue to be the most concerning attacks for companies, and will remain so in 2020 – Phishing (81 percent) and Malware (67 percent
Independent databases of cybersecurity professionals were invited to participate in a web survey conducted by Research Corp., via Survey Monkey. The 2019 report data comprises 223 responses from organizations with more than 50 employees. The margin of error for the survey at the 95 percent confidence level is +/- 6.5%.