More CISOS Are Expecting a Cyberattack – But How Many Feel Prepared For It?
In the wake of the recent Colonial Pipeline ransomware attack, many organizations are asking if they’re truly prepared for a cyberattack themselves. According to a new global survey, the answers aren’t encouraging.
The first annual 2021 Voice of the CISO Report surveyed more than 1,400 CISOs (Chief Information Security Officers) for mid- to large-sized organizations across 14 countries. 64% of respondents said they felt at risk of experiencing a cyberattack that could cause material damage within the next 12 months, with 20% believing the risk is very high. 53% said they’re more concerned about the results of an attack this year than they were in 2020.
Most revealing is how those CISOs believe their organization can handle an attack. 66% said they do not believe their organization is prepared to cope. This may be because of concerns over how their employees will react.
Though 58% said they believe employees understand their role in protecting against threats, that same amount also said human error is their company’s greatest liability – whether by purposefully leaking data, engaging malware/phishing attacks, using unauthorized devices, or other human-based risks.