
CISOs most worried about the human factor when it comes to cyber risk

Chief Information Security Officers (CISOs) are feeling less confident than ever about cyber risk and data security, a new Ponemon Institute survey shows. As today’s climate of high-profile data breaches continues, 66 percent of respondents believe their companies are more likely to fall victim to a cyberattack or data breach in 2018. And 60 percent are more concerned about a data breach from a third party, such as a partner or vendor.

Sponsored by Opus and conducted by Ponemon Institute in late 2017, the survey reveals insights from 612 CISOs, CIOs and other information security professionals across a broad range of industries.

The top security threat on CISOs’ minds isn’t technology, hackers or malware but the human factor, with 70 percent of CISOs stating that ‘lack of competent in-house staff’ is their number one concern and 65 percent giving ‘inadequate in-house expertise’ as the top reason they are likely to have a data breach. Many respondents (65 percent) also believe it’s highly likely they’ll experience credential theft due to a careless employee falling for a phishing scam.

Other key factors singled out as likely reasons for data breaches include the inability to protect sensitive and confidential data from unauthorized access (59 percent); inability to keep up with the sophistication of the attackers (56 percent); and failure to control third parties’ use of sensitive data (51 percent).

Disruptive technologies are also a concern, with IoT devices considered the most challenging to secure (60 percent of respondents), followed by mobile (54 percent) and cloud (50 percent).

Despite the risks, fewer than half of respondents believe their IT security budgets will go up.
