Network Security Breaches Are Inevitable — Even CISOs Think So

Rising cybersecurity threats and evolving corporate cultures have made it increasingly difficult for CISOs to adequately protect their companies’ data.

According to cybersecurity experts, a number of issues are making it more difficult than ever for CISOs to safeguard their enterprises’ proprietary data. Whether they’re contending with state-sponsored cyberattacks or changing in-house network infrastructure, CISOs today are fighting a war on two fronts between cybercrime and limited IT budgets.

Taken together, this reality has led 84% of CISOs in North America to believe that cybersecurity breaches are inevitable, per a new report from Kaspersky Lab. Their survey reached out to 250 security officers, asking questions that ranged from the state of the cybersecurity industry to the institutional forces CISOs must navigate within their own firms.

 

Understanding the Report

According to the Kaspersky Lab report, CISOs have identified a host of challenges that are putting increasing pressure on the already high-stakes field of enterprise cybersecurity. On an international scale, 40% of security directors believe that financially motivated cybercriminal organizations represent the greatest digital threat. Next, 29% of CISOs surveyed identify malicious insider attacks as the premier threat facing today’s businesses.

With these types of threats posing the greatest risks to organizations, security directors noted a range of issues that make their roles more difficult. Indeed, when asked to identify the industry forces that challenge cybersecurity, CISOs chose the move to the cloud and the rising popularity of remote work as the top issue (57%), followed by the management of personal data and sensitive information (54%) and the international uptick in cybercrime (50%).

The report also highlights the fraught relationship CISOs often have with the rest of their organization when it comes to securing the funds they need to properly execute their roles. For example, while 60% of security directors in North America expect their budgets to increase, over a third of those surveyed explain that they are not likely to get the resources required to properly protect their companies because they cannot guarantee with absolute certainty that there won’t be some kind of breach.

 

The State of Cybersecurity

For CISOs working to protect their companies, the effects of data breaches are clear. According to the Kaspersky Lab report, reputational loss (28%), financial loss (25%), disruption to business continuity (18%), and data compromise (16%) make up the top risks to businesses in the wake of a cyber attack.

Highly visible companies of late have had to deal with the aftermath of severe data security breaches. In March, the Department of Justice indicted nine hackers who had operated from Iran in connection with alleged cyber attacks on 144 American universities, 47 private companies, and governmental organizations such as the UN and the US Federal Energy Regulatory Commission. According to the DOJ, hackers stole intellectual property estimated to be worth $3 billion.

While that attack was likely the result of unexpecting officials opening spearfishing emails and clicking on malicious links, not all cyberattacks are the result of inexperienced employees. In February, Under Armour’s MyFitnessPal app suffered a breach in which hackers stole 150 million users’ data. Thankfully, the company had security measures in place that prevented theft of data relating to location, credit card numbers, and birth dates, but the episode serves a warning that even the most prepared organizations are facing mounting and increasingly sophisticated threats.

 

What Your Organization Can Do About It

Regardless of the size of your organization or the field in which you operate, it’s more important than ever for CISOs to make the best possible decisions for the data security of their companies. In an environment in which it’s becoming more and more difficult to bring in the skilled professionals needed to set up adequate cybersecurity measures at a price that fits within your organization’s IT budget, it’s up to CISOs to enact solutions that can deliver results.

By partnering with a managed services provider like Turn-Key Technologies (TTI), security directors can rely on experienced cybersecurity professionals to deploy cutting-edge data protection strategies more efficiently and cost-effectively than in-house IT teams.

If you’re interested in finding out how TTI can help your cybersecurity operation, contact us today.

By Tony Ridzyowski

11.13.2018

Sign up for the TTI Newsletter