2015 has been the year of high-profile cyber security breaches. From healthcare to financial, government as well as private firms, every sector was targeted by cyber criminals. These attacks have been surfacing from time to time. The numbers are alarming as these cyber attacks continue to escalate in frequency, severity and impact.
The Global State of Information Security Survey 2016 stated that there was a 38% increase in detected information security incidents. The explosion of data analytics , the digitization of business functions and a blending of service offerings across industries, to name a few- have expanded the use of technologies and data, and that is what is creating more risk than ever before.
“Many executives are declaring cyber as the risk that will define our generation,” said Dennis Chesley, Global Risk Consulting Leader for PwC. “As a result, businesses are taking an enterprise-wide business-oriented view of this important risk area.”
Methodology Of The Report
The Global State of Information Security ® Survey 2016 is a worldwide study by PwC, CIO and CSO. It was conducted online from May 7, 2015 to June 12, 2015. Readers of CIO and CSO and clients of PwC from around the globe were invited via email to participate in the survey.
The results discussed in this report are based on responses of more than 10,000 CEOs, CFOs, CIOs, CISOs, CSOs, VPs and directors of IT and security practices from more than 127 countries.
Key Insights From The Report
- In 2015, 38% more security incidents were detected than in 2014.
- Theft of “hard” intellectual property increased 56% in 2015.
- While employees remain the most cited source of compromise, incidents attributed to business partners climbed 22%.
- Respondents boosted their information security budgets by 24% in 2015.
- Average total financial losses due to security incidents decreased 5% from 2014 to 2015.
- Many organizations are incorporating strategic initiatives to improve security and reduce risks.
- Businesses are investing in core safeguards to better defend their ecosystems against evolving threats.
- The Most Significant Cyber Security Challenges Faced By Various Sectors.
- These sectors include financial services, public & private sectors, industrial products manufacturers, organizations related to entertainment, communications , power and utilities, retail and consumer, technology, telecommunications, and automotive.
- Security protocols/standards of third-party vendors.
- Rapidly evolving, sophisticated, & complex technologies.
- Cross-border data exchanges.
- Increased use of mobile technologies by customers.
- Heightened information security threats from outside the country.
- Interconnected ecosystem of data-driven technologies—essentially, the Internet of Things (IoT) opens up new avenues of cyber security risks.
- Adoption of 3D printing for high-volume production may increase risk to trade secrets and intellectual property.
- Content is often an EMC company’s most valuable asset—and it is increasingly under siege.
- Technology alone will not eliminate all cyber-risks. That’s why many organizations are also addressing the human aspects of cyber security.
- As power utility assets and systems are increasingly interconnected and generate more data, these systems and information assets are more at risk.
- Cybersecurity has become a driving issue for automotive organizations as security incidents accelerate and a combination of new risks associated with product lifecycle management, supply-chain partners, consumer privacy and connected vehicles are introduced.
- The real challenge is achieving sustained results from huge investments in cybersecurity.
Top Security Priorities for The Next 12 Months
- 24/7 monitoring for incidents.
- Enhancing cyber security with cloud computing.
- Making mobile devices more secure.
- Identity & access management.
- Regulatory compliance.
- Addressing risks of business partners.
- Elevating roles of the CISO and Board.
- Advancing authentication to defend data.
- Addressing the human aspects of cyber security.
- Intensifying regulatory scrutiny.
To view the full report, click here.