Senior IT Professionals Recognise a Disconnect in Cyber Security Approaches

Friday, February 20, 2015.

A recent market survey of senior-level IT leaders in industry verticals such as financial services, federal government, healthcare, pharma and utilities, chemical and energy has revealed a significant lack of confidence in the ability to leverage intelligence that can predict cyber vulnerability and effectively combat threats within organisations.

The survey, commissioned by Lockheed Martin, received a majority of responses that noted an increase in the severity (75%) and frequency (68%) of cyber attacks, as well as identifying a lack of budget (64%) and the expert personnel (65%) to address such threats.

"This survey illuminates areas of concern about cyber readiness across government and critical infrastructure industries," said Guy Delp, Director of Cyber Security and Advanced Analytics for Lockheed Martin. "The results highlight that the challenges in this domain are universal across both industry and government, and therefore our response needs to be equally holistic. The adoption of intelligence-driven defense techniques is critical to ensuring that not only IT officers, but also Chief Executives, boards of directors and customers have confidence in the security of their information."

Other key findings of the research included a reliance on intuition, rather than intelligence when assessing security levels, and negligence towards assigning adequate budget to the most serious security risks for organisations. Additionally, it is apparently common that, whether malicious or negligent, insiders continue to be among the greatest perceived cyber threats.

"Compliance was rated the top cyber security business priority by the survey respondents," continued Delp. "Though somewhat surprising, it is a tell-tale sign that organisations feel the pressure to meet industry security compliance requirements. While satisfying compliance standards is important, organisations should view it as a foundation on which to build a more comprehensive security posture."

The survey was independently conducted in November by data security research group Ponemon Institute, and collected data from 678 US-based senior IT practitioners .