How confident are you in your cybersecurity readiness?
According to more than half (52%) of the respondents to an Avertium survey, their organization plans to expand their cybersecurity teams in 2020—including both employees and outside consultants.
Another result from the study is interesting in that they reveal how human error remains as concerning an issue as it always has been. Specifically, phishing and malware, at 81% and 67% respectively. These are two attack types that are highly dependent on human staff clicking on something they shouldn’t, thus allowing cyber criminals to steal information like employee credentials, or inject malware into the environment. We have written our fair share on that subject here, and it’s surprising (though perhaps it shouldn’t be) that even after all this time, surveys like this show how far the industry still has to go. Educating staff to avoid becoming the weak link continues to compel training sessions, exercises, or any other processes an organization might have. At the very least, 93% of respondents do have a minimum of one process like this. That’s more than you could have said just a few years ago, and demonstrates how the issue is now taken quite seriously in general.
The study also reconfirms other common knowledge, such as the perceived lack of preparation for cyber threats and data breaches. A stat like 39% might still seem substantial, and it is to a degree, but it shows the improved confidence across the board that 61% have in their organization’s security posture and policies in the event of an incident. Of course, whether this confidence is merited is another story.
Still, the planned increase in cybersecurity investment is promising, especially as the threat of ransomware is one that keeps growing throughout the industry. That goes for both scale and sophistication. Recent reports have more than 20 government agencies in Texas targeted by a coordinated ransomware attack, with a demand of $2.5 million to recover the hostage data. Situations like that can easily increase, as ransomware providers have already begun offering strains like CryptoWall, Locky and TeslaCrypt for use.
Even as the technology and the methods evolve, however, ensuring a competent team is in place and educating employees remain two of the most crucial tools for effectively preventing your security from being breached.