The Latest / Data Security News

Cyber Security Overconfidence?

November 10, 2016

The threats that organizations around the world face when it comes to their cyber security are constantly growing and becoming more serious. Earlier this week, we looked at the sheer number of threats and challenges organizations face that were highlighted in a report by Europol. This week, another report has revealed perhaps a more pressing issue. Not only are the threats real and numerous, but apparently far too many organizations are also unwarrantedly overconfident in their ability to handle them.


Mixed report

The report comes from Accenture. It surveyed the security executives of some 2000 businesses from around the globe. What it found was that three out of four security executives were happy with their cyber security capabilities and are confident they could stop a cyber-attack to their organization.

You would think then that Accenture’s analysis of the various companies’ cyber security performance would also have been positive overall. But that’s simply not the case. The report found that, on average, the organizations concerned faced 106 attacks per year and that one-third of those were successful. That’s nearly three successful hacks a month, close to one a week, and as we all know, it only takes one to cause some serious damage.

Internal monitoring

Organizations are not just having issues stopping attacks being successful, they are also struggling to detect when a hack has actually happened – something we’ve seen so many times in the past. In fact, more than 50 percent of those surveyed admitted it often takes months to detect certain sophisticated attacks, and that – in a third of cases – it is external sources who eventually notify them of the issue in their system.

On top of all that, two out of three of the organizations said they lacked the ability to internally monitor their workforce for insider threats or poor security practices. Everything considered, it is a bit bewildering how that ‘three-out-of-four’ level of high confidence in their own cyber security capabilities ever came about.

Unneeded complication

Cyber security is not something you can put a brave face on and hope for the best. If you don’t take it seriously, then make no mistake, eventually you will be seriously got – and gotten good. Strong cyber security needs to be embedded into the culture of an organization from the top to the bottom, not something that is just the sole responsibility of the IT team. In fact, the report found only 15 percent of the organizations surveyed felt they had achieved that kind of security-aware focus throughout their employees.

There are lots of really nasty dangers out there. The last thing we need are organizations being overconfident in their ability to take them on successfully. Organizations need security solutions that take no chances and cut no corners. That’s what our Global Data Sentinel Security Ecosystem can help provide, and you can find out more about how we go about it here.