When asked if they were confident in the US government’s ability to protect itself from cyber-attacks in 2017, only 17% of security pros say ‘yes.’
A survey of RSA attendees by Tripwire found that in the wake of the cybersecurity issues that plagued the US presidential election, 80% of respondents said they were more concerned about cybersecurity this year than in 2016.
“People and organizations alike look to the government to set an example and lead the way on all sorts of issues, including cybersecurity,” said David Meltzer, CTO at Tripwire. “What the results of this survey show is that seasoned cybersecurity professionals are not confident in the government’s current cybersecurity strategy, and these worries can trickle down to the list of concerns for an enterprise.”
He added, “While organizations look for their fears to be resolved over the next year, they will also need to increasingly work with security vendors to be reassured that they are taking the right security approach.”
Revealing their top concerns for their own organizations, 60% of respondents said they were confident in their own organizations’ abilities to enforce foundational security controls. When asked “what would you be most concerned about if your organization lacked a robust security program?” they said intellectual property theft (59%), followed by brand reputation (54%) and financial loss (53%). Nearly half (48%) of respondents said the lack of skilled people would most likely be the cause of security failures at their organizations, followed by inadequate processes (30%).
“With high profile data breaches hitting companies’ bottom lines, it’s no surprise that financial loss is high up on the list of security professionals’ concerns,” said Meltzer. “It’s encouraging to see that people recognize that bad security affects a company’s brand reputation, as it means people care more about their security. However, the looming skills shortage that’s already been identified as a pain point is worrisome. Companies need to look for technology that can increase automation in security and reduce the manual effort required of their employees.”