According to a study conducted by EY, over 50 percent of companies recently faced dangerous cyberattacks.
Global companies are more confident than ever in their capacity to foresee and face a sophisticated cyber attack, but do not have the investment and plans to bounce back in case of an attack, against the background of an increase in the types of cyber threats, the annual EY report on security of information ‘Path to cyber resilience: Sense, resist, react’ shows.
Over half (57 percent) of companies believe it is a top priority to continue running their business in case of disaster and to bounce back, however, only 39 percent plans to increase investments in this area in the coming year. A total of 42 percent of respondents do not have a set communication strategy or an action plan to counteract a major cyberattack. Moreover, over 86 percent state that the function connected to cyber security does not fully satisfy the need of the organization.
The EY study, in its nineteenth edition, is based on a survey that included 1,735 organizations worldwide and analyses some of the most imprtant security issues organizations are facing în the current digital ecosystem. Results show that half (50 percent) of those questioned believe they can detect a sophisticated cyber attack – the highest trust level since 2013 – follwing investments made in intelligent solutions to detect and anticipate threats, in continuous monitoring tools, in security operation centers (SOC) and în active defense mechanisms.
Despite these investments, 86 percent of companies questioned say the cyber security function does not fully satisfy the needs of the organization they are part of.
„Organziations have come a long way in preparing response strategy against cybercrime, but no matter how fast they gear up, criminals always bring new tricks. In the event of an attack, organizations must have a contingency plan and be prepared to quickly repair the damage, to get back on their feet. Otherwise, they are putting under threat customers, employees, suppliers and, ultimately, their own future. Those responsible for risk management must address the next generation of security solutions, Nextgen Security, which adapts on the go the response on potential threats, taking into account new regulations compliance, “Carmen Adamescu, Partner of EY Romania, states.
Almost two thirds of organizations (64 percent) do not have a formal program to alert on the cyber threats or have only installed an informal program. When it comes to identifying vulnerabilities or only have informal capabilities, and 44 percent have a security operation center to continuously monitor possible threats.