Cybercrime 'greatest global threat' to customer survival
Organisations must take information security more seriously, warns new EY report
EY – the Big Four consultancy formerly known as Ernst & Young – has warned that cybersecurity should be top priority for organisations as the risks continue to mount.
Ken Allan, global information security leader at EY, said organisations are planning to spend more as current levels of protection are insufficient.
"Cybercrime is the greatest threat to organisations' survival today," he claimed in a media alert.
He said that while budget allocations toward security innovation are inching their way up, enabling organisations to channel more resources towards protection against future risk, EY's latest Global Information Security Report found that many information security professionals who responded continue to feel that their budgets are insufficient to achieve this.
Information security functions are not meeting the needs of 83 per cent of organisations, according to a global poll of 1,900 senior executives, he said.
There are more security breaches than ever, the report found, and – on a good note for the channel – respondents from 93 per cent of the organisations surveyed indicated they plan to either maintain or increase spending on cybersecurity as a result.
Thirty-one per cent of respondents said the number of security incidents in their organisation had risen by five per cent or more over the past 12 months.
Paul van Kessel, global risk leader at EY, noted that many have realised the extent and depth of the threat posed as well, and 70 per cent of respondent companies are now assigning information security responsibility to the highest executive levels.
"This year's survey shows that organisations are moving in the right direction, but more still needs to be done – urgently," van Kessel said.
"There are promising signs that the issue is now gaining traction at the highest levels. In 2012, none of the information security professionals surveyed reported to senior executives – in 2013 this jumped to 35 per cent."
Sixty-five per cent cited lack of money as their number-one challenge when beating cyberthreats. And among smaller organisations with revenue of $10m (£6.2m) or less this proportion rose to 71 per cent, according to EY.
About half also said they had a skills shortage issue when it comes to information security.
Yet Allan added that organisations are putting all their energy into addressing current technology issues.
"How will they protect themselves against technologies that are just around the corner? If organisations still don't have a high level of confidence after four years of mobile device use in the workplace, how will they face the challenge of managing and defending against personal and hosted clouds, for example?"