Cybersecurity threats have shot to the top of the agenda for business leaders, NTT Security’s 2019 Risk:Value research indicates.
Cyber attacks (43%), data loss or theft (37%) and attacks on critical infrastructure (35%) – particularly telecoms and energy networks – are the biggest issues for businesses after the economy.
However, amid confusion around responsibility, many senior managers think that cybersecurity is just a problem for the IT department.
Senior managers remain concerned about the impact of security incidents, particularly as the time to recover has increased markedly year-on-year.
In 2019, the NTT Security Risk:Value Index, measuring cybersecurity good practice, remains at +3, showing no progress since 2018
Security budgets are failing to keep up with increasing cyber risk, it says, with only a minimal increase in the percentage of IT budgets attributed to security (15% this year).
The percentage of the operations budget attributed to security has fallen since 2018 to 16%.
The static nature of cybersecurity spending indicates that companies are lacking resources to address cyber risk.
This is backed up by the fact that 43% of organisations lack the necessary skills and resources in house to cope with the number of cybersecurity threats.
Over a third of organisations reveal that they would rather pay a ransom to a hacker than be fined for failing to meet data protection regulations.
The cost of a cybersecurity breach has increased in 2019 to 12.7% of annual revenue.