Cybersecurity incidents and attacks have become almost daily news, and two new surveys give voice to the executives and cybersecurity professionals struggling to defend their organizations.
PwC, collaborating with CSO, the U.S. Secret Service, and the Software Engineering Institute CERT® Division at Carnegie Mellon University, surveyed more than 500 executives from U.S. businesses, law enforcement services and government agencies. Dark Reading and Black Hat surveyed 460 security professionals, predominantly at large companies, all of them past attendees of the Black Hat USA conference.
Cybersecurity is a fast-growing business risk but it is still poorly understood
A record 79% of executives said they detected a security incident in the past 12 months , and there were 163 security incidents per organization on average, 21% more than the year before. Because many incidents go undetected, the real number is likely higher (PwC). 73% of security professionals say it is likely that they will have to respond to a significant compromise in the coming year (Black Hat). Ransomware, a comparatively new type of cybercrime where organizations are forced to pay for the removal of malware affecting their systems, was cited as current threat by 13% of executives. In response to the increased sophistication and number of threats and incidents, 45% of executives said they increased information security spending over the year before and 20% of large businesses said they raised security investments by 20% or more in 2014 (PwC). Still, 69% of large organizations (1,000+ employees) could not estimate the financial impact after…