Cybersecurity and Perceived Threats - Will Collaboration Make an Impact in 2015?

Posted by Dustin Smith, Chief Technologist
March 30, 2015

In our post last week – Is 2015 Poised to be the Year of the Data Breach? – we touched on the Identity Theft Resource Center’s (ITRC) 2014 data breach stats and highlighted the already robust pace of 2015. While these stats are sobering, what may be more disturbing is the lack of involvement from organizational boards of directors, the lack of clearly-defined cyber-security measures and strategies in place, and the percentage of companies including cybersecurity evaluations and audits as part of their overall security initiatives.

None

According to the ninth annual cyber-security report from Protiviti – From Cybersecurity to Collaboration: Assessing the Top Priorities for Internal Audit Functions (PDF) – which included surveys from 800 internal audit professionals, there are some clear areas for improvement.

  • 29% of boards of directors have a low engagement and level of understanding of information security risks to their organizations or aren’t involved at all
  • 47% of boards will not be considering evaluating and auditing their cybersecurity risk until next year or have no plans to include it in their audit plans at all
  • 30% of organizations are not able to address specific areas of cybersecurity risk sufficiently in the audit plan due to lack of resources and skills
  • 22% of organizations are not able to address specific areas of cybersecurity risk sufficiently due to lack of software tools

Not surprisingly, companies that have their boards of directors involved and that include evaluation and auditing as clear components of an internal audit plan are better prepared to meet the growing risks posed by cybersecurity threats. But what are those risks? The report rated those perceived as the highest level of risks, which included (from highest to lowest risk):

  • Data security (company information)
  • Brand or reputation damage
  • Regulation and compliance violations
  • Data leakage (employee personal information)
  • Viruses and malware
  • Interrupted business continuity
  • Financial loss
  • Loss of intellectual property
  • Loss of employee productivity
  • Employee defamation

With 2015 off to a fast data breach pace—and the number of personal records exposed already eclipsing that of 2014—it will be interesting to see what the report looks like next year at this time. I’ll be sharing those results in a future blog and we’ll look back on the ITRC data summary for 2015 as well. Stay tuned.

---

Photo credit to Perspecsys Photos.

About Dustin Smith Throughout his twenty-year career, Dustin Smith has specialized in designing enterprise architectural solutions. As the Chief Technologist, Dustin is responsible for the strategic direction of aligning the company’s growing consulting services with the client challenges he finds in the field, and he works closely with his regional architects to design new programs to address these issues.

Filed Under: Security

0 Responses to 'Cybersecurity and Perceived Threats - Will Collaboration Make an Impact in 2015?'

Leave a Comment

Please copy "XySAThdxsSNMb83paOZFkroFzMUXZXV1" into the field labeled "Uncaptcha"