80 Percent of U.S. Businesses Expect a Critical Breach in 2019

February 14, 2019

80 percent of IT business leaders anticipate a critical breach or successful cyberattack over the coming year, says a new survey.

Commissioned by Trend Micro, The Ponemon Institute conducted the CRI survey to measure business risk based on the difference between organizations’ current security posture and their likelihood of attack, with the goal of helping CISOs and their teams better assess, protect, detect, respond, and recover from serious cyber threats. The survey will be issued twice a year to observe trends and changes in business cyber risk.

“The overall Cyber Risk Index shows companies are at an elevated risk for cyberattack because critical data, operations, infrastructure and human capital are not well prioritized and protected,” says Jon Clay, director of global threat communications for Trend Micro. “We designed the CRI to help security leaders improve their visibility of cyber risks so they can better prepare against attacks. Additionally, understanding the key areas of risk can enable companies to provide better security while also meeting regulatory requirements.”

Respondents to the survey ranked research and development information, trade secrets, customer accounts, and other confidential information as the highest risk of loss when a breach occurs. This highlights a critical gap between data criticality and the protection measures in place to ensure their safety.

Additionally, the ability to securely implement disruptive technologies like mobile, cloud, and IoT devices was a great concern to those surveyed, along with detecting zero-day attacks. However, respondents positively reported that their CISOs have enough authority and resources to achieve a strong security posture.

“At its core, the Cyber Risk Index captures benchmarks derived from surveys compiled from IT and IT security practitioners in small, medium, and large companies,” says Larry Ponemon, chairman and founder of the Ponemon Institute. “Over time, these benchmarks can be used to pinpoint trends that will help CISOs proactively manage risks within the ever-changing cybersecurity ecosystem.”

A primary cause of these risks was found to be complex, misaligned organizations with a lack of security connectivity, scalability and agility, and too few qualified people to manage security systems.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

80 Percent of U.S. Businesses Expect a Critical Breach in 2019

Related Articles

Report Abusive Comment