If cybercrime were a business, its annual earnings – $500 billion – would rank third nationally among major corporations.
By 2020, cybercrime is projected to cost the global economy $2.5 trillion. Meanwhile, over 2 million new malware attacks are launched every day – and threats you thought were over, like WannaCry, are still out there.
As unnerving as the facts are, there’s another fact you should know: you can become cybersecurity ready, prepared to deal with attacks when they hit and even evade them before they strike. The steps are outlined in a new AT&T-sponsored research report by IDC, Cybersecurity Readiness: How "At Risk" Is Your Organization?
For the report, IDC surveyed over 800 C-level IT and line-of-business executives in large and mid-sized companies around the world. Their research identified four distinct levels of preparedness against cyberattacks.
In addition to establish the different levels, the report offers real-world recommendations:
Like any vital element of a corporation’s culture, cybersecurity readiness must permeate every level of an organization, starting with the board of directors and C-suite executives.
IDC found that 60 percent of Progressive companies reported their top leadership paid “very close” attention to security issues, with daily briefings and a “hands on” attitude. That attitude makes it clear to mid-level management and employees that policies should be adhered to, best practices followed, and key assets identified and protected.
To nurture the necessary involvement of upper management, CIOs and CISOs need to stop “speaking geek” in the boardroom and present new cybersecurity investments in terms of ROI, improved productivity and higher profits (there really is a correlation).
By 2020, cybercrime is projected to cost the global economy $2.5 trillion.
Beyond the dollars-and-cents costs that make headlines, every breach deals less quantifiable damage to your brand’s reputation and your customers’ loyalty. Two more reasons why frequent risk assessments and reviews should be an essential part of your organization’s overall cybersecurity stance.
Not surprisingly, IDC found that the most security-ready organizations performed risk assessments and reviews almost continuously. That may sound like an overreaction, but in a world where new risks emerge every day (remember all that malware?) it’s really nothing more than cold common sense.
First, they free up your in-house IT talent to handle critical day-to-day functions. Second, as cyberthreats and solutions continually evolve, third parties bring the up-to-date knowledge and expertise that few in your organization have the time to acquire. Finally, the most security-ready companies have found an impartial third party is the best candidate to perform thorough risk assessments.
Yet even near-continuous assessments are a waste of time unless they lead to substantive change. Progressive organizations aren’t shy about updating procedures, adopting new strategies and investing in the most advanced security solutions.
Learn the lesson military strategists have known for centuries: defending everything is the surest way to lose everything. Especially since SaaS, cloud, mobile and bring-your-own-device (BYOD) platforms have rendered any “perimeter defense” impossible.
Instead, using asset inventory and data classification tools, identify the data that matters most to your company and your customers. It will amount to no more than 20 percent of your total assets. These are your company’s crown jewels, deserving the effort and expense of the latest security technologies. Lesser assets might be entrusted to a managed security service provider.
Like any other aspect of your business, plowing money back into cybersecurity – especially in defense of that 20 percent – will only pay off. IDC discovered that Progressive organizations are in the habit of upping their security spend by as much as 40 percent every year, compared with more Passive concerns that settle for a 17 percent increase.
Right now, the most security-ready companies are investing in advanced threat detection and mitigation solutions, vulnerability management, data security, web security and even cloud application security brokers.
While only 16 percent of companies can be considered Progressive in their approach to cybersecurity, there's no reason that percentage can't grow. For the full story, view the full report, Cybersecurity Readiness: How "At Risk" Is Your Organization?
Share this with others
READ MORE ARTICLES ON:
Sign up for the AT&T Business newsletter
Your feedback will help us to improve AT&T Business so you continue to have a great experience when visiting us!
This survey is conducted by an independent company ForeSee for AT&T.
Yes, I’ll give feedback!
Please provide the following information to access your document:
* To access your content, please check your browser settings to make sure pop-up windows are allowed.