InsightaaS: Naked Security is a news/blog site hosted by security vendor Sophos. In this post, Lee Munson, founder of Security FAQs, discusses the implications of research from Ernst & Young finding that virtually all businesses are unprepared for a cyberattack, and that "too frequently, information security is perceived as a compliance necessity and a cost burden to the business."
A new survey has discovered that out of the 1,909 executives questioned, 96% believe their business is unprepared for a cyber attack.
Ernst & Young, who carried out the research, said in its report:
As many organizations have learned, sometimes the hard way, cyber attacks are no longer a matter of if, but when. Hackers are increasingly relentless and often politically motivated.
There are several reasons cited as to why businesses continue to feel vulnerable to attack.
The largest issue identified via the survey was financial, with 65% of respondents saying that budget constraints posed the biggest barrier to meeting security expectations.
In smaller businesses, with annual revenues under $10 million, the level of concern about budgets rose to 71%.
But with 68% of the respondents saying that their security function only partially meets the needs of the business, security professionals would seem to have much work to do in order to justify any increases in funding that they hope to acquire...