What Security Issues Will Enterprises Face in the Next 12 Months?

October 25, 2019

A majority of enterprises (86 percent) have proactively amplified security initiatives over the last year to combat the increase in cybersecurity attacks.

The KnowBe4 2019 Security Threats and Trends report asked survey respondents what issues their enterprises would face over the next year or posed the greatest threats to their firm's security. Their responses included:

Email/phishing scams - 96 percent
End user carelessness - 76 percent
Social engineering - 70 percent
Targeted hacker attacks - 46 percent
BYOD/mobile devices - 35 percent
Password attacks -32 percent
Data leaks - 31 percent
Regulatory - 28 percent
Lost, stolen devices -23 percent
Network edge attacks - 23 percent
Misconfiguration errors - 21 percent
Back door open - 19 percent
Combination of issues - 14 percent
Denial of service - 14 percent
Insider attacks - 11 percent
Physical attack - 9 percent
Corporate Espionage - 5 percent
Eavesdropping - 5 percent

Additional findings include:

Nearly nine out of 10 businesses – 89 percent – say they’re currently better equipped to deal with security threats than they were in 2018.
Three quarters or 76 percent of organizations say the biggest and most persistent security threat comes from “the enemy from within” – careless end users – who regularly clicks on bad links, placing organizations at higher risk of falling victim to email phishing, ransomware, CEO fraud scams and various forms of malware.
58 percent of organizations cite budgetary constraints as an ongoing challenge in upgrading security.
43 percent of survey participants still don’t allocate a significant portion of their IT budgets towards security expenditures. One-third of respondents don’t have a separate security budget and another 13 percent say the organization’s security budget is less than $25,000 annually.
Only 14 percent of organizations say they’re concerned about insider attacks from existing employees.
Half of participating companies report their security and IT staff are overworked and 40 percent say their organizations will face a shortage of skilled security professionals within the next 12 months.
82 percent of respondents say proactive security maintenance (e.g., installing upgrades and patches) is a top priority over the next 12 months. That was followed by 61 percent of organizations that cite the need to keep pace with the latest security threats and 61 percent that say updating and enforcing computer security policies is major concern for their organization.
Some 27 percent of respondents identify their organizations’ inability to identify, quickly respond to and shut down hacks over the next 12 months as a top challenge and source of concern.
Only 18 percent of organizations calculate the hourly cost of downtime related to security hacks.
A 53 percent majority allow employees to access the corporate network and data using BYOD. However, only 39 percent of organizations currently have a plan to respond if a BYOD such as a laptop, tablet or smart phone is hacked, stolen or lost.

“This study shows us why it’s a really good idea to step your users through new-school security awareness training,” said Stu Sjouwerman, CEO, KnowBe4. “The threats aren’t going away any time soon – the bad guys are just getting more and more clever. That’s why it’s so important to build up your human firewall – your end users – to better protect your organization.”

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 December

This month, Security magazine brings you the 2020 Guarding Report - a look at the ebbs and flows security officers and guarding companies have weathered in 2020, including protests, riots, the election, a pandemic and much more. Industry experts discuss access management and security challenges during COVID-19, GSOC complacency, the cybersecurity gap, end-of-year security career reflections and more!

View More Create Account

What Security Issues Will Enterprises Face in the Next 12 Months?

Related Articles

Related Products

Related Events

Report Abusive Comment