Cyber security, a top business priority in 2013, says study

by CXOtoday News Desk    Feb 20, 2013

cyber security pic1

Cyber security and resilience are becoming top business priorities for enterprises in 2013, especially in sectors such as IT, telecom and media, according to a recent Deloitte study.

The study found out that over 28 per cent of respondents said their organizations were the victims of at least one cyber attack in the past year, 9 per cent report multiple breaches, and an alarming 17 per cent were not confident that their organizations could even detect an attack.

“It’s no longer a discussion about if an organization will get hacked, but only a matter of when, and how quickly and effectively it will respond,” said Mark White, principal and chief technology officer, Deloitte Consulting LLP. He believes that companies should shift their focus to develop a robust information security strategy for managing their IT from an earlier compliance approach.

“Organizations across many industries need to change the lens through which they view cyber risk – not only relying on traditional security controls to reveal tell-tale signs of an effective attack – but by considering transforming the way they defend, detect and even manage security by leveraging cyber intelligence and advanced techniques to help identify the coming threat and proactively respond.”

The Deloitte study pointed out that nearly 50 per cent of enterprises identified and triaged threats within hours, while the other half took a longer time to identify and address threats, which is a matter of concern. The survey also noted that companies are realizing that people, process and technology are all critical to cyber threat programs. Nearly 28 per cent respondents said that having the right infrastructure and technology is the most important concern in their cyber threat program, followed by the right talent (26 per cent), effective operational processes (24 per cent) and adequate resourcing (22 per cent) respectively.

Deloitte also observed that information pertaining to personal information, intellectual property, corporate strategy and financial performance are mostly the target of attack by cyber criminals and organizations are increasingly investing to protect this information.

“Cyber security may sound technical in nature, but at its core it is a business issue. Any company’s competitive position and financial health may be at stake. Business and technology leaders need to engage in effective dialog about what the business values most, how the company can drive a competitive advantage, and which information and other digital assets are the most sensitive. Brand, customer trust and strategic positioning may be at risk,” said Kieran Norton, principal, Deloitte & Touche LLP and leader of Deloitte’s U.S. cyber threat management practice.

According to him, there may be no such thing as hacker-proof, but there’s a chance to reduce your cyber beacon, be less inviting to attack, and proactively establish outward- and inward-facing measures around your most valued assets.