In the distributed cyber security ecosystem, are leaders losing control over cyber threats?
Nearly 50% of all corporate executives state that they are making additional investments in cyber security. Broadly speaking, senior executives and board members have become far more cognizant of the financial, regulatory and legal consequences associated with cyber attacks than ever before.
Organizations have devoted extensive time and attention to cyber threats, but the vast majority of organizations are still under water. Does it feel like your organization keeps talking about cyber security and agreeing on ideas, but that real progress has proven minimal? Are there overlooked keys to greater cyber security success?
In this article, discover insights that can change leaders’ perspectives, restart conversations, help teams recognize security weaknesses, and assist in repositioning existing resources to better address the complex realities surrounding cyber security threats.
Cyber security statistics
1. An estimated 300 billion passwords are used by humans and machines worldwide.
2. The average time to identify a breach is approximately 212 (It then requires 75 days for containment, culminating in a 287 day breach lifecycle.)
3. 68% of business leaders feel that their cyber security risks are increasing.
4. Whether intentional or unintentional, 43% of all breaches are insider threats.
5. In 2021, ~70% of breaches were financially motivated. Fewer than 5% were motivated by espionage.
6. More than 50% of IT decision makers state that phishing attacks represent a top security concern. Since the start of the coronavirus pandemic, a quarter of all employees have reported an increase in fraudulent emails, spam and phishing attempts in corporate inboxes.
7. Nearly half of all organizations have had at least one employee who has accidentally downloaded a malicious app.
8. Advertisement fraud is expected to result in losses of $100 billion by 2024.
9. To improve trust with consumers, 64% of investors believe that businesses should prioritize cyber security investments.
10. 30% of businesses fail to apply adequate security controls. Proper security protects environments against attacks, limiting business losses and liabilities.
Let’s briefly dig into the last statistic – 30% of businesses fail to apply adequate security controls. Why is that? Research analysts have discovered that organizations often fail to implement strong cyber security for three very specific reasons:
1. The inability to prioritize cyber security risk across the entire enterprise. The number of different attack vectors, priorities and other ‘moving parts’ within the equation make this unsurprising.
2. Lack of management alignment around priorities. For management, it can be difficult to focus on a topic that does not seem to directly contribute to revenue.
3. Lack of adequate funding. The C-suite may deride cyber security as a bottomless money pit, and commonly fail to see its necessity as a self-preservation mechanism.
Do these reasons resonate within your organizational environment? To help your organization move beyond them, read about 7 actionable CISO strategies for effective executive-level communication.
Ensure that your organization retains the cyber security protection that it needs in order to elegantly repel the latest wave of persistent cyber criminal attacks. To receive cutting-edge cyber security news, exclusive interviews, high-minded expert analyses and leading security resources, please sign up for the CyberTalk.org newsletter.