
Hacked companies still prioritise innovation over cybersecurity

Clint Boulton | Aug. 9, 2016
KPMG found that while 80 percent of organisations acknowledged being hacked, only half have invested in cybersecurity technologies in the past year. The research firm has a theory as to why.

Some sectors are more security-focused than others

Bell, who surveyed clients in the automotive, banking, technology and retail sectors, uncovered other interesting tidbits. Turns out that 89 percent of retail cyber executives reported breaches in the past 24 months, followed by automotive at 85 percent, versus 76 percent for banking and technology companies.

While those differentials were hardly stark, Bell says his research uncovered a "cyber-awareness maturity curve" between sectors such as financial services and tech firms and retail and automobile makers. This is somewhat alarming given retailers' emphasis on mobile and personalized shopping and automotive manufacturers’ focus on building connected cars that increasingly rely on automated driver assistance technologies.

Bell found that banks and technology companies are relatively on their game with regard to bolstering their cyber postures, with 66 percent and 62 percent, respectively, reporting that they had invested in information security. That compares to 45 percent of retailers and 32 percent of automotive manufacturers that claimed to have invested.

Of companies surveyed, 69 percent reported having a cybersecurity leader, such as a CISO, in place. Again, though, a gulf exists between the attention financial services and tech firms pay to cyber versus what their peers in retail and automotive do. For example, 85 percent of both banks and technology companies said they had a CISO or some other position of its ilk compared to 58 percent and 45 percent of retail and automotive companies who fessed up to having a cyber leader.

Matt Comyns, global cybersecurity practice leader for executive recruiter Russell Reynolds Associates, says that some enterprises try to hire average CISOs, or hold off on hiring security leaders entirely, because they are in denial about the threat hackers pose to their organizations. The collective mentality, Comyns says, is one of disbelief that hackers would find their data valuable enough to steal. Comyns says he tries to convince them otherwise.

"I still walk in the door of companies searching for a CISO who say: 'Who would come after us, we're not Target, we're not Sony?'" Comyns says. "I'm not so sure that's the right question."
