Technology is a almost always a double-edged sword. For every benefit or advantage it providers, there is also a caveat or pitfall that somehow exposes you to additional risk. Cybercriminals are working around the clock to find innovative ways to exploit holes in your networks and applications—which is why you need to be constantly vigilant as well to stay a step ahead…or at least not too many steps behind. The good news is that, according to a new survey from Scale Venture Partners (VP)—there is more focus and attention being paid to security.
A blog post by Ariel Tseitlin, a Partner at ScaleVP who leads the VC firm’s security investments, shared the new survey and some of the key details behind it. “Each year we poll a group of CISO and security executives to gather the pulse of what had the most impact on their jobs in the past year and what will be driving their investment strategies in the year ahead. Today, we are unveiling the results of our 4th annual survey: ‘Cybersecurity Perspectives 2018: the data breach effect.’”
Getting Some Perspective on Cybersecurity
You might be familiar with the concept of FOMO, which is an acronym for “fear of missing out”. The Scale VP survey highlights a variation of FOMO that seems to drive executive level decision-making. I call it “fear of being next.” Granted, FOBN doesn’t roll off the tongue like FOMO, but more than 90 percent of the executives surveyed indicated that they have made changes to their own security programs—increasing cybersecurity investments and adapting monitoring and reporting—in response to big data breaches that made headlines in the past year.
The General Data Protection Regulation (GDPR), which goes into effect in May, is also driving security strategy and investment. The GDPR is a European Union directive, but its application is broad enough that it will have a ripple effect with consequences for companies of all sizes and industries around the world. Most of the focus of the GDPR is on personal privacy and protecting sensitive information about individuals.
The report reveals that privacy is a top concern for executives. “Executives are very concerned about privacy specifically, but feel relatively prepared to handle cyber risks generally. While data breach of sensitive information was perceived as the No. 1 security risk over the past two years, data privacy and lack of privacy controls are increasingly pressing concerns. Still, four out of five executives feel they are more equipped than they were a year ago to handle cybersecurity risks overall.”
Some of the other key findings are:
- C-level execs are most concerned about threats from cryptomining and ransomware in the coming year, while data breaches and malware are top of mind for directors.
- Security leaders are investing most in protecting critical infrastructure—cloud, network and datacenter security—and increasingly threat intelligence.
- Volume of alerts and incidents of false positives, as well as outdated technology and processes, leaves organizations unable to effectively or efficiently spot and respond to real threats.
On that last point, the report explains, “In recent years, there has been an influx of detection tools that have crowded the market, all claiming to be the silver bullet for security. But these solutions have created an avalanche of alerts that security teams can’t efficiently or effectively triage. This means that one crucial alert that signifies a breach could be buried beneath hundreds of notifications, and teams could find it too late or miss it altogether.”
Survey results might not apply directly to your situation, but it’s generally good information to know and gives you a barometer you can measure your own security investments and activities against. Check out the Cybersecurity Perspectives 2018 report for yourself.