Security professionals in Europe, Middle East, Africa and Russia have shared their insights about cyber threats, security challenges and opportunities in 2018.
“There are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked.”John Chambers, former CEO, Cisco
The real number may be even higher: not all companies detect (or admit) they had breaches. Hackers are getting much better at disguising their attacks, so they can remain undetected for a longer period of time and extract more data.
It is the second biggest concern in the UK, Spain and Russia, only behind budget constraints. Estimates show that there may be 3.5 million unfilled security jobs by 2021. It is important that companies consider their options to face this growing challenge, such as training their IT staff to take on security roles or automating processes to reduce overhead.
We observed a strong correlation between having a high number of vendors and how challenging it is for a company to manage security. IT security complexity is a big issue for security professionals, especially when considering the lack of budget and resources that they often face. Companies that invest in a security architecture and move away from a “best-of-breed” approach often experience less complexity.
This means that only 9.5% of all alerts in EMEAR are remediated, which could pose a threat to a company’s security.
These companies are so overwhelmed by security demands that they are struggling to remain proactive on threat detection. It is crucial that companies continue to invest in staying ahead of hackers and also prepare to detect and respond faster to any cyber attacks.
This damage includes the costs of repairing systems as well as other financial losses, such loss of revenue and customers.
Public scrutiny may come from customers, partners, investors, shareholders, a board of executives, the media or any other stakeholder in the company. A public data breach could have a huge impact on a company’s reputation, if it is not well managed.
It can take a lot of time, resources and budget for a company to recover from a large-scale cyber attack. Companies should always assume the worst may happen and have a plan in place, which should cover not only data back up and incident response plans but also how to deal with the breach from a public relations and legal perspective.
Longer outages will always be a headache for any organisation, but in industries that offer critical infrastructure services, such as utilities, healthcare or transportation, an outage may pose a risk to the safety and wellbeing of thousands of citizens.
Technology can be a great ally in reducing the burden of managing complex IT security infrastructures. However, it is only a part of the equation. A strong cyber security posture relies on a combination of advanced technology, clear processes and qualified people.
Read the global study findings on the Cisco 2018 Annual Cybersecurity Report (pages 46 – 68).
The Cisco 2018 Security Capabilities Benchmark Study offers insights on security practices currently in use, and compares these results with those of the 2017, 2016, and 2015 studies. The global research involved more than 3600 respondents across 26 countries and the findings are available on the Cisco 2018 Annual Cybersecurity Report.
This page displays an excerpt of the EMEAR data, which included the responses from security professionals in the following countries: Belgium, France, Germany, Italy, Netherlands, Poland, Russia, Saudi Arabia, South Africa, Spain, Sweden, Switzerland, Turkey, United Arab Emirates and United Kingdom. The data displayed here focuses on 3 areas of the study: security challenges, cyber attacks and adoption of new technology.