Cybersecurity is considered a strategic issue only in every fifth company in the world
Research by analysts demonstrates the extremely low level of involvement of top managers of companies around the world in ensuring the cybersecurity of their organizations. They will not pay attention to the problem until they themselves suffer from attacks, although many intend to increase investment in information security.
More than half of global companies have not yet included cyber threat resilience in their IT strategies. This is evidenced by the results of a study by Ernst & Young experts in 2018-19, during which they interviewed 1,400 top managers around the world. At the same time, 77% of companies operate only with the basic means of ensuring cybersecurity. According to analysts, such organizations often do not even have a common idea about which information assets are of the greatest importance and need serious protection.
“Budget and skill constraints force today's security leaders to make critical decisions or compromises when it comes to implementing a unified cybersecurity strategy,” said Mikhail Rodionov, head of the Fortinet office in Russia and Kazakhstan. “The main constraints noted by CISO respondents include the lack of a centrally organized cybersecurity strategy, an adequate budget, and support from senior management.”
More than half of global companies have not yet included cyber threat resilience in their IT strategies. The positive point in Ernst & Young is the fact that cybersecurity budgets are growing. Two-thirds of large companies intend to seriously increase their investment in information security in 2019 (63%) and in 2020 (67%). For medium-sized businesses, these figures are noticeably lower - 50% and 66%, respectively.