14 DAY TRIAL // A new study released by EY shows that 93% of companies from all over the world plan on increasing or at least maintain their investment in cybersecurity.
According to the 16th annual Global Information Security Survey, 83% of the 1,900 senior executives that took part in the study are not fully content with their organization’s current cyber security posture.
“This year’s survey shows that organizations are moving in the right direction, but more still needs to be done – urgently. There are promising signs that the issue is now gaining traction at the highest levels,” said Paul van Kessel, global risk leader at EY.
“In 2012, none of the information security professionals surveyed reported to senior executives – in 2013 this jumped to 35%.”
In 70% of the surveyed companies, information security is “owned” at the highest level. Over the last 12 months, 31% of organizations have recorded an increase of at least 5% in the number of incidents they’ve experienced.
So what about cyber security investments?
Half of respondents say they plan on increasing their budget by at least 5% in the next year. However, 65% of them say budget is the number one factor that prevents them from reaching the expected security posture.
Furthermore, the percentage increases to 71% when it comes to companies that have revenue of $10 million (€1.38 million) or less.
“Cyber-crime is the greatest threat for organizations’ survival today,” noted EY Global Information Security Leader Ken Allan.
“While budget allocations toward security innovation are inching their way up, enabling organizations to channel more resources toward innovating solutions that can protect them against the great unknown – the future – many information security professionals continue to feel that their budgets are insufficient to address mounting cyber risks.”
On average, the organizations that took part in the survey say they’re planning on investing 14% of their budget for the next 12 months in security innovation and emerging technologies.
Allan notes that companies should be more “forward-looking” if they want to be able to protect themselves when new technologies are launched.
“If organizations still don’t have a high level of confidence after four years of mobile device use in the workplace, how will they face the challenge of managing and defending against personal and hosted clouds for example?” the expert said.
The complete information security report is available on EY’s website.