Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 31 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Ponemon-Tenable Study Find 60% Of Organisations Suffered Two Or More Business-Disrupting Cyber Events In Last 24 Months.

by The Gurus
December 14, 2018
in Featured, Opinions & Analysis, Security News
Ponemon-Tenable Study Find 60% Of Organisations Suffered Two Or More Business-Disrupting Cyber Events In Last 24 Months.
Share on FacebookShare on Twitter

Tenable®, Inc., the Cyber Exposure company, today released the Measuring and Managing the Cyber Risks to Business Operations Report, an independent study conducted by Ponemon Institute. It found that 60 percent of organisations globally had suffered two or more business-disrupting cyber events — defined as cyber attacks causing data breaches or significant disruption and downtime to business operations, plant and operational equipment — in the last 24 months. Further, the vast majority of respondents (91 percent) had suffered at least one such cyber event in the same time period.

Despite this documented history of damaging attacks, the study found that the majority of organisations (54 percent) are not measuring, and therefore don’t understand, the business costs of cyber risk. The report concludes that organisations are unable to make risk-based business decisions backed by accurate and quantifiable metrics, resulting in a lack of actionable insight for the C-suite and board of directors.

Digital transformation has created a complex computing environment of Cloud, DevOps, mobility and IoT, where everything is connected as part of the new, modern attack surface. This has created a massive gap in an organisation’s ability to truly understand its Cyber Exposure at any given time. The research — which surveyed 2,410 IT and infosec decision-makers in six countries — found less than one third (29 percent) of respondents reported having sufficient visibility into their attack surface (i.e. traditional IT, cloud, containers, IoT and operational technology) to effectively reduce their exposure to risk. To further complicate this lack of visibility, more than half of respondents (58 percent) said their security function lacks adequate staffing to scan for vulnerabilities in a timely manner, with only 35 percent scanning when it’s deemed necessary by an assessment of risks to sensitive data.

Together, these data points reveal that the tools and approaches organisations are using fail to provide the visibility and focus required to manage, measure and reduce cyber risk in the digital era.

Of those organisations that measure the business costs of cyber risk, 62 percent are not confident their metrics are actually accurate. Thus, decisions about the allocation of resources, investments in technologies and the prioritisation of threats are being made without critical information — such as the costs of IP theft, loss of revenue or loss of productivity. Organisations admit to not using the key performance indicators (KPIs) they consider important to assessing and understanding cyber risks:

64 percent rated “time to assess” an essential KPI but only 49 percent actually measure it
70 percent rated “time to remediate” an essential KPI but only 46 percent measure it
Only 30 percent of respondents believe their organisations can translate cyber risk KPIs into actionable steps

This lack of rigor leaves boards of directors in the dark about the true cost of cyber risks to their organisations. Without confidence in the accuracy of their measures, CISOs and other security executives are reluctant to share critical information about the business costs of cyber risks with their boards.

“In today’s digital economy, cyber risk equates to business risk. It’s shocking to learn that organisations are suffering business-impacting cyber events yet are struggling to accurately measure the resulting financial cost,” said Bob Huber, CSO, Tenable. “This study powerfully highlights that most organisations have not implemented security metrics that reflect cybersecurity’s role as a core business function. CISOs need reliable metrics to help them make educated decisions on the allocation of resources, investments in technology and the prioritisation of threats.”

For more information, and to download a copy of the report, visit https://www.tenable.com/cyber-exposure/ponemon-cyber-risk-report.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

BT To Deliver The Latest SD-WAN And Cyber Security Service For IXOM.

Next Post

Kaspersky Lab Uncovers Third Windows Zero Day Exploit In Three Months.

Recent News

JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023
Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information