By Alex Braelow
A new report from Kaspersky Lab found most IT professionals and decision makers expect their company to experience a cyber attack within the year. In spite of this, many lack the resources and personnel necessary to prepare or respond.
Kaspersky Lab recently conducted a survey of IT professionals charged with cybersecurity decision-making responsibilities. The survey revealed that a whopping 77% of respondents anticipated that their enterprises would be targeted by a coordinated cybersecurity attack within the next 12 months.
More startling, the Kaspersky Lab survey, which culminated in The State of Industrial Cybersecurity 2018 report, found that 48% of respondents have no cybersecurity incident response plan in place to counteract an attack. This, taken in context with the general consensus that cybersecurity is a critical priority for enterprises, is perplexing.
Or is it?
To mount a proper defense against cybersecurity breaches, companies must absorb the requisite costs and invest in the necessary personnel. This is not easy. The financial costs of implementing cybersecurity systems alone is enough to discourage companies from making the investment. It should also be noted that, with such systems, one size does not fit all. Before companies even reach for their credit cards, they must do their homework.
The modern workplace, for instance, relies on a broad scope of tools, starting with computers, laptops, mobile phones, and IoT devices. In addition, no enterprise implements these tools in the same way. Thus, in order to establish effective cybersecurity systems, companies will need to devise strategies, based on their specific needs, that address the various risks for each type of device. So while Kaspersky Lab’s survey respondents expect an uptick in cybersecurity spending, there is no guarantee that this will sufficiently address all vulnerabilities.
Moreover, while hiring qualified personnel is essential to the cybersecurity mission, it is by no means a no-brainer. 58% of the survey respondents consider finding candidates, and the costs associated with compensating them, to be a major challenge to their companies’ overall success.
The State of Industrial Cybersecurity 2018 reveals that there is widespread anxiety around imminent cybersecurity breaches. And because company stakeholders expect to have a plan in place to counteract the damage caused by any such attack, it also emphasizes the importance of establishing a company-wide cybersecurity system. This system must be complete with internal controls, security protocols, employee training programs, and experienced cybersecurity professionals. While this is no easy task, it is one that is critical to undertake for any company that gives security serious consideration.