Facebook iconTwitter icon
Less confidence in cyber security during 2016
Less confidence in cyber security during 2016
Time icon14 December 2016, 15:05 pm

IT specialists and decision makers worldwide have become increasingly concerned about cyber security issues and the safety of systems and data, according to a report published by CyberEdge Group and Tenable consultants.

Entitled the 2017 Global Cybersecurity Assurance Report Card, investigators looked at a number of key indicators to evaluate IT systems and company organisation. Seven hundred security professionals were interviewed and their feedback used to reach a final score that reflected their employer's ability to manage risk. Notably, confidence levels showed a fall of six percentage points year on year, resulting in a final average of 70 percent – equivalent to a grade of C minus.

A significant factor was a 12-point decline in the capability to assess risk adequately across a spectrum of eleven key areas. Cloud environments, endpoints and Web servers were just some areas taken into account to reach the figure. Somewhat alarmingly, certain aspects received mediocre reports while emerging categories such as containerisation and DevOps failed to reach adequate standards in risk prevention.

Various organisations reported concerns about constantly changing network environments, especially IoT (the Internet of things, i.e. device connectivity), Web apps, virtual machines and mobile devices. According to Cris Thomas, a strategist from Tenable Network Security, all areas required improvement.

Companies were reported to see the overwhelming pace of change and lack of employee security awareness as their two main challenges. Apparently, many organizations were still struggling to assess cloud risks, while confidence levels in mobile device risk assessment fell to a fail level of 57 percent.

Nonetheless, two-thirds of those security practitioners who were surveyed reported that they felt somewhat optimistic about their company or organisation’s ability to improve its performance in assessing and managing future cyber security risks.