New research from Fujitsu has revealed that despite security breaches costing businesses an average of £1.46m – £3.14m last year[1], financial loss is still not a top priority for IT decision makers. The research, conducted by Coleman Parkes, highlighted how CIOs are more concerned with the loss of sensitive data following the huge rise in advanced threats over the last year.
The research also reveals how IT decision makers are not prioritising how they manage their budgets. According to the research, security teams average at between eight to 10 people per organisation – a huge investment in people to protect the business from threats. In addition, the research revealed that 86% of IT decision makers rated security as the most important to their business. Yet despite those statistics, over half of the IT decision makers surveyed spend less than a quarter of their IT budget on security.
“Any organisation, whatever the size or line of business, could be the next target of an advanced attack; so it is of utmost important for organisations to invest in the right security for their organisation,” said Andy Herrington, Head of Cyber Professional Services at Fujitsu. “By making security decisions based on finance, rather than on the technology required, businesses are making themselves vulnerable. Looking at each phase of the cyber kill chain is one way of putting yourself in a better position against hackers.”
“Cybercriminals are profit-driven businesses and are ruthless in their drive for high return on their investments. Recently we have seen attachment-based email attacks & malicious macros make a comeback,” said Mike Smart, EMEA Security Strategist at Proofpoint. “These threat actors combine lower up-front and maintenance costs with higher effectiveness through social engineering and recycling older approaches to create a ‘killer app’. It has never been more important for organisations to prioritise their budgets to ensure enough resources surround the weakest parts of the business, including people process & technology.”
[1] PwC – Information Security Breaches Survey 2015
