Businesses Overconfident on Cyber Security: Study

January 8, 2013

Businesses are overconfident about their cyber security and should treat data security breaches as inevitable, according to an article from Computer Weekly.

A new study from business advisory firm Deloitte shows that 88 percent of companies in technology, media and telecommunications (TMT) do not think they are vulnerable to an external cyber threat, the article says.

Although 68 percent of companies say they understand their cyber risks and 62 percent say they have a program in place to address those risks, 59 percent experienced a security breach, according to Deloitte’s sixth annual Global TMT Security Study.

More than half of those polled were aware of security breaches in the past year.

Deloitte says that companies should invest significant time and effort in detection and response planning. But despite the importance of such a disaster recovery plan, only half of companies have this planning in place, the article says. James Alexander, lead partner for TMT security at Deloitte, says that these statistics show that companies are “being overconfident in their resilience.”

Companies rated mistakes by their employees as the top threat, with 70 percent highlighting a lack of security awareness as a vulnerability. However, only 48 percent offer general security-related training, the article says.

Especially as smartphones and other personal, portable devices enter the workplace, business data and personal software applications mingling in a single device makes mobile devices a prime target for hackers and provides new opportunities for attack, Deloitte says in the report.

The study shows that only 52 percent of companies polled had a BYOD (bring your own device) policy, although 74 percent of respondents considered the increased use of mobile devices as a vulnerability.

The major concern for respondents was the security of the businesses they work with as organizations become more reliant on third parties. Seventy-four percent of respondents were concerned about third-party breaches.

While 55 percent of organizations are improving their knowledge of cyber crime, only 39 percent are gathering information about attacks specifically targeted at their organization, industry, brand or customers, Computer Weekly reports.

The top priority for TMT organizations was developing a security strategy and roadmap, implying that TMT organizations recognize that security is smart business, not just compliance, the article says.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

Businesses Overconfident on Cyber Security: Study

Related Articles

Related Events

Report Abusive Comment