A new study from Barracuda Networks finds just 43 percent of organizations surveyed have confidence in their ability to address cyber risk, vulnerabilities, and attacks.
The findings also show that many organizations find it hard to implement company-wide security policies such as authentication measures and access controls. 49 percent of the smaller to mid-sized companies surveyed listed this as one of their top two governance challenges.
Just over a third (35 percent) of the smaller companies also worry that senior management doesn’t see cyberattacks as a significant risk, while the larger companies are most likely to struggle with a lack of budget (38 percent) and skilled professionals (35 percent).
“For many businesses today, a security incident of some kind is almost inevitable,” says Siroui Mushegian, CIO of Barracuda Networks. “What matters is how you prepare for, withstand, respond to, and recover from the incident. This is cyber resilience. Advanced, defense-in-depth security solutions will take you most of the way there, but success also depends on security governance — the policies and programs, leadership, and more that enable you to manage risk. When NIST updated its benchmark cybersecurity framework earlier this year, it added security governance as a strategic priority.”
The report also shows many organizations have concerns about a lack of security and control over the supply chain and visibility into third-parties with access to sensitive or confidential data. In addition around one in 10 doesn’t have an incident response plan to turn to in the event of a successful breach.
The full report, along with a practical checklist template to help companies navigate their journey to cyber resilience, is available from the Barracuda site. You can also read more on the company’s blog.
Photo Credit: Olivier Le Moal / Shutterstock