Cybersecurity Challenges, Risks, Trends, and Impacts: Survey Executive Summary
No question about it: Information security—or, more precisely, the lack of it—is firmly on the radar for business and information-technology leaders in organizations of all sizes and in every sector. Many executives and managers fear that their companies are ill-prepared to prevent, detect and effectivley respond to various types of cyberattacks, and a shortage of in-house security expertise remains of widespread concern.
Those are among the initial findings of the Cybersecurity Challenges, Risks, Trends, and Impacts Survey, conducted by MIT Technology Review Custom in February 2016. About 225 business and IT executives, directors, managers, and other leaders participated in the online survey, which was commissioned by DXC Technology and FireEye Inc.
While the research team continues to analyze survey results, themes about several key issues have already emerged. Among them:
- Few survey respondents are fully confident in their ability to respond to security threats. For instance, only about 6 percent of those surveyed believe their organizations are “extremely well prepared” to respond to a security breach involving a major loss of information.
- Many struggle to hire and retain highly qualified security specialists. “Lack of in-house expertise” ranks as the single greatest information-security challenge, cited by more than one-third of participants.
- Most lack information risk-management strategies. While many expect to develop them, roughly 25 percent either have no plans to do so—or simply don’t know whether their organizations have, or eventually will have, such strategies.
- Most see multiple security threats on the rise. Areas of greatest concern include threats related to mobile computing, email- or Web-based attacks, and the vulnerabilities created by the bring-your-own-device (BYOD)/bring-your-own apps (BYOA) workplace trends.
- A majority report experiencing either more or as many data attacks today as in 2014. Only 7 percent report fewer attacks now than two years ago.
- Participants call “lost time and productivity” the most negative effect of recent breaches. Other impacts include remediation time and necessary expenditures on consultants and additional technologies.
Please read the survey report for highlights.