In response to the growing number of ransomware and cyberattacks across the globe, Armis has surveyed over 100 security professionals to explore the major challenges, risks, and worries of business leaders in the cybersecurity industry. Top industry risks were found to be employee behaviour, poor asset visibility and poor patch management practices.
After years of fighting for airtime at the top, almost seven in 10 respondents claimed that board involvement in cybersecurity has increased within the past six months. Though encouraging, nearly a quarter (23%) of respondents thought that board members still do not have enough involvement with cybersecurity.
Results indicate that the top five priorities for cybersecurity are risk assessment, compliance, asset visibility, security awareness training and threat detection/incident response. Furthermore, organisations have begun modifying their responses to cybersecurity concerns over the last six months, with a third saying their businesses had reviewed and/or tightened security policies. However, significant challenges remain; only 25% of respondents had performed a total risk assessment in the past six months.
“Given how fast things evolve in most of today’s environments, six months can be an eternity,” said Andy Norton, European Cyber Risk Officer at Armis. “This means that 75% of respondents are providing their boards with out-of-date and stale data that is not fit for timely risk assessments. Organisations can and should aim higher, particularly as capabilities now exist for performing continuous risk assessments, which can help them achieve the next crucial step towards risk assessment maturity.”
When it comes to the geopolitical landscape, three in five respondents said they’re dealing with more security alerts, and almost two-thirds expressed worries about Russian attacks on UK critical national infrastructure (CNI).
“Given the security environment in Europe, it is crucial that organisations in NATO countries continue to shore up defences and scale up the ability to handle a growing number of vulnerabilities,” noted Norton. “Insights revealed in this survey highlight that, yes, businesses are making some progress, but there is room for improvement when it comes to providing business leaders with real-time information that will help them allocate the right resources and make the best decisions regarding their cybersecurity strategies.”
