Worried about your organization’s cybersecurity?
Relax, because LuxSci’s Cybersecurity Trends 2019 report is here to give you the insight you need to understand the latest threats and help you manage your organization’s risks.
We surveyed executives, management and other employees to find out exactly what’s been happening on the ground, what to expect from the future, and the best ways to stay ahead of the latest online threats.
Some of the results were expected, with the continuation of many trends that have been bubbling away for the past few years. But there were a few surprises as well, since the threat landscape is always changing.
Cybersecurity Incidents Are Incredibly Common
Cyber incidents have now become a regular occurrence in the workplace:
- 46% of respondents said that their organization had suffered an incident with an online scammer or hacker.
This isn’t surprising when you consider the relatively low adoption rates of various security technologies that the survey found. Less than half of the respondents said that their organization was keeping audit logs, implementing network management tools or using multi-factor authentication. This is just the tip of underutilized technologies that were revealed in the survey.
If organizations want to reduce their security risks, they need a comprehensive cybersecurity policy in place. This should encompass the technical measures, skills, monitoring and other elements that are critical for defense.
Email Strikes Again
As expected, email was one of the biggest concerns, with:
- 46% of respondents claiming that email was involved in their organization’s latest security incident.
- 52% of respondents ranking email as their organization’s greatest vulnerability.
In ways, this is understandable, because email is so heavily used for business communications. We should expect a greater number of incidents from the most-commonly used communication methods. Just because there were very few smoke signal-related security incidents, doesn’t mean that the smoke signal is a safer means of communicating.
While the ubiquity of email is a strong contributor, it still needs to be acknowledged that most organizations aren’t doing enough to protect their email accounts, or to prevent regulatory violations.
Phishing is one of the biggest threats, and businesses need extensive employee-training and effective spam-filtering to help minimize the risks. Another key email-related issue involves accidentally sending unencrypted ePHI and ending up with HIPAA penalties. Organization’s need strict policies and technical mechanisms, such as opt-out encryption, to avoid these costly mistakes.
Ongoing & Future Concerns
Implementing and maintaining the appropriate defenses is a constant struggle for businesses, which many seem to be losing. Some of the biggest challenges found in the survey include:
- “Too many new and emerging threats” to keep up with. This was seen as a serious issue by 28% of respondents.
- Lack of appropriate cybersecurity personnel, which was claimed by 26% of respondents.
The silver lining is that half of the respondents said that their organization had increased the amount of resources that they devote to cybersecurity. Hopefully, this is an indication that those in management are learning just how costly breaches can be, and how important an effective security plan is to the future viability of their business.
Despite these budget increases, it is becoming apparent that many businesses are still struggling to implement the security measures that they need. This is particularly apparent in small and medium-sized businesses, where lack of resources and the necessary skills significantly affect their ability to combat threats.
Since the current cyber landscape has gotten so complex and the necessary expertise so specialized, turning to third-party security providers is one of the few viable options for smaller businesses. 32% of respondents recognized this need, stating that the best way to improve their security is to outsource it to specialist vendors.
Want to find out even more about the current and future cyber-landscape? Then dive into the full report – Download Here