Should Firms Be Blamed For Increasing Cyber Attacks?

by CXOtoday News Desk    Oct 01, 2014

Cyber security

Despite increased preparedness, security breaches continue unabatedly. As concerns over cyber crimes increase and companies become more aware of safety standards, the attacks should have been eliminated, but reality is different. 

Organizations are highly vulnerable with their data and network being compromised more frequently. As analysts say, cyber risks can never be eliminated. They can only be reduced. 

Having a good cybersecurity team is a basic need, but hackers are well equipped and smart enough to study and target spaces that lack protection and unleash sophisticated attacks. Each time, they come with a surprising element. The data breaches not only affect the brand reputation, but they also result in financial and legal losses. 

The latest is the ‘Bash bug’, also called Shellshock, which is touted as the deadliest virus after Heartbleed that affected websites and devices powered  by Linux and Unix OS. 

Increasing attacks are an indication that organizations need to take cybersecurity as a serious business need. Investments in information security budgets declined 4% over 2013, says PwC. “Companies with revenues less than $100 million reduced security investments by 20% over 2013. Medium-size organizations and large companies report a modest 5% increase in security spending,” it said.

According to PwC’s Global State Information Security survey, majority of organizations have taken initiatives in mobile security and mobile device management, but internal app store has got the least attention.  

Organizations are warned against attacks perpetrated by insiders. Insiders don’t just mean employees. It could be the third parties with trusted network, says a PwC report.

 Going by emerging trends, it seems that organizations require much more than allocation of right-sized budget. What is essential is a holistic plan. “It is becoming increasingly clear that cyber-security and the corresponding risk mitigation strategies need to be intricately woven into strategic corporate decisions given the financial, reputational and legal impact on organizations,” says Sanjay Deshpande, Co-Founder & CEO, Uniken.

Big data offers the potential for security cover. A Gartner study said that by 2016, more than 25 per cent of global firms will adopt big data analytics for at least one security and fraud detection use case.

Avivah Litan, vice president and head analyst at Gartner, wrote in a blog post that big data was allowing companies to see a bigger picture of threats against their enterprises.  It allows companies to cut down on the noise and false alerts in existing monitoring systems.

But in their effort keep pace with digitalization, CIOs often ignore the basic necessities. As a Gartner study stated: many organizations lack the skills and capabilities to address upcoming challenges.

Hence the need of the hour is that organizations must stay agile, adopt a risk-based approach and prioritize data security.