Would you bet your chocolate on preventing a breach?
While 97 percent of business leaders and security professionals say their organization is as prepared or more prepared to defend against cybersecurity attacks than they were a year ago, one in five wouldn't bet a chocolate bar that they could prevent a damaging breach.
Ivanti surveyed 6,500 executive leaders, cybersecurity professionals, and office workers to understand their perception of today's cybersecurity threats and find out how companies are preparing for future threats.
It finds many organizations still have a tickbox mentality which is especially evident when it comes to patching. 92 percent of security professionals report they have a method to prioritize patches, they also indicated that all types of patches rank high -- meaning that in practice none do.
"Patching is not nearly as simple as it sounds," says Dr Srinivas Mukkamala, chief product officer at Ivanti. "Even well-staffed, well-funded IT and security teams experience prioritization challenges amidst other pressing demands. To reduce risk without increasing workload organizations must implement a risk-based patch management solution and leverage automation to identify, prioritize, and even address vulnerabilities without excess manual intervention."
The report also shows that leaders engage in more dangerous behavior and are four times more likely to be victims of phishing compared to office workers. More than one in three leaders have clicked on a phishing link, and nearly one in four use easy-to-remember birthdays as part of their password. In addition they are much more likely to keep their passwords unchanged for years as well as bing five times more likely to share their password with people outside the company.
On a positive note, among security professionals and leaders 71 percent predict an increase to their cybersecurity budget in 2023, with an average increase of 11 percent. 74 percent have set up an 'emergency fund' to cope with breaches, averaging around 16 percent of the cybersecurity budget.
Despite the general perception of cloud risks, 68 percent say their systems are more secure due to adopting cloud based systems and/or storage.
The full report is available from the Ivanti site.