In the media, as well as in our daily lives, the increased awareness of "cyberattacks" seems to have caught on as a concept, but according to the PricewaterhouseCoopers 2018 Global State of Information Security Survey (GSISS), there are still several emerging threats that organizations are struggling to understand.
In fact, forty-four percent of the 9,500 executives in 122 countries surveyed by the 2018 GSSISS say they do not have an overall information security strategy. Forty-eight percent say they do not have an employee security awareness training program, and fifty-four percent say they do not have an incident-response process. A successful cybersecurity attack could cause a number of devastating problems, with forty percent of those surveyed indicating such an attack on their automation or robotics systems would disrupt operations and manufacturing, while another thirty-nine percent indicated a loss or compromise of secure data.
"Tomorrow's successful states, will probably be those that invest in infrastructure, knowledge, and relationships resilient to shock-whether economic, environmental, societal, or cyber."
- US National Intelligence Council, 2017
The successful companies of tomorrow must be resilient and positioned to sustain operations in the face of cyberattacks. Trust from their markets depend on business running as usual, and for this to occur safely and uninterrupted.
The key findings from GSISS 2018 indicate that education and awareness are still needed so that the proper investment can be put into shoring up cybersecurity infrastructure, model and response. The soaring reliance on the internet-of-things (IoT) is creating a pressing need to create alliances with organizations who specialize in securing data integrity and providing products and services for maintaining trust in systems that if undermined could cause economic or even physical harm.
Organizations that specialize in stopping cybersecurity threats, as well as keeping up with impending vulnerabilities, are able to help mitigate the risks that must be associated with information security technology. The capabilities these technologies enable are too attractive for businesses to avoid, even if they are not completely educated about the threats to which these technologies may expose them to. Thus, for business leaders to maintain their operations in a trusted manner, they will need to take responsibility for their organization's cybersecurity, and become experts themselves by consultation, or by allying their organizations with an expert.