Phishing, ransomware and human error are seen as biggest security threats
New research from Python software house STX Next finds that that CTOs see human error, ransomware and phishing as the biggest security threats.
The study of 500 CTOs globally shows 59 percent still see human error as the main security threat to their business, alongside other prominent concerns such as ransomware (49 percent) and phishing (36 percent).
Yet despite recognizing the threats just 26 percent say they have a dedicated cybersecurity team in place and only 50 percent outsource cyber responsibilities.
Maciej Dziergwa, CEO at STX Next, says:
Our survey shows that, despite the inexorable rise of ransomware in the last couple of years, the biggest security concern in the minds of CTOs remains the potential impact of human error. This is understandable given that in order to be successful, many types of cyberattack rely on someone inadvertently clicking a link or downloading a file.
Where things really get interesting, however, is when we see what businesses are doing to protect themselves against these threats. Companies that employ their own dedicated cyber team are still in the minority, and while outsourcing is preferred, this isn't a common policy at the majority of organizations either.
Among other findings are that multifactor authentication adoption is strong, with 88 percent of organizations employing it in some way. However, 47 percent haven't implemented ransomware protection, and 58 percent aren't using security information and event management (SIEM), and 41 percent have not employed privileged access management (PAM).
On a positive note, 92 percent have implemented disaster recovery capabilities such as automated backups.
Dziergwa adds, "The strong presence of disaster recovery planning shows that organizations are doing well when it comes to the more all-encompassing, overarching responsibilities that ensure the business is resilient in the face of unexpected disruption. The next step is for leaders to apply this approach to the more granular elements of cybersecurity, including anti-ransomware tools."
The full report is available on the STX Next site.