The 21st edition of EY Global Information Security Survey captures the responses of over 1,400 C-suite leaders and information security and IT executives/managers, representing many of the worlds largest and most recognized global organizations. The research was conducted between April-July 2018.
According to the authors of the report, the challenge for organizations is to progress on three fronts simultaneously: protect the enterprise, optimize cybersecurity, and enable growth. However, the survey results also suggest that organizations need to do more. More than three-quarters (87%) of organizations do not yet have a sufficient budget to provide the levels of cybersecurity and resilience they want. Protections are patchy, relatively few organizations are prioritizing advanced capabilities, and cybersecurity too often remains isolated from business strategies. Those industries that are turning quickest to the digital opportunity must now spend the money on the cybersecurity side of things.
Some 70% of organizations say their senior leadership has a comprehensive understanding of security or is taking positive steps to improve their understanding.
Phishing and malware underpin a large number of successful attacks; the survey shows that organizations see them as the biggest threats. The EY experts observe that although investments in cybersecurity are on the rise and protection has improved across the board, successful cyber-attacks are increasing. As stated by the authors of the report, cybersecurity needs to be in the DNA of the organization, and companies should start by making it an integral part of the business strategy.