Trend Micro Incorporated,
a global leader in cybersecurity solutions, today released the results
of its Cyber Risk Index (CRI), a survey of more than 1,000 IT security
professionals in the United States. The survey found 80 percent of IT
business leaders anticipate a critical breach or successful cyberattack
over the coming year.
Commissioned
by Trend Micro, The Ponemon Institute conducted the CRI survey to
measure business risk based on the difference between organizations'
current security posture and their likelihood of attack, with the goal
of helping CISOs and their teams better assess, protect, detect,
respond, and recover from serious cyber threats. The survey will be
issued twice a year to observe trends and changes in business cyber
risk.
"The
overall Cyber Risk Index shows companies are at an elevated risk for
cyberattack because critical data, operations, infrastructure and human
capital are not well prioritized and protected," said Jon Clay, director
of global threat communications for Trend Micro. "We designed the CRI
to help security leaders improve their visibility of cyber risks so they
can better prepare against attacks. Additionally, understanding the key
areas of risk can enable companies to provide better security while
also meeting regulatory requirements."
Respondents
to the survey ranked research and development information, trade
secrets, customer accounts, and other confidential information as the
highest risk of loss when a breach occurs. This highlights a critical
gap between data criticality and the protection measures in place to
ensure their safety.
Additionally,
the ability to securely implement disruptive technologies like mobile,
cloud, and IoT devices was a great concern to those surveyed, along with
detecting zero-day attacks. However, respondents positively reported
that their CISOs have enough authority and resources to achieve a strong
security posture.
"At
its core, the Cyber Risk Index captures benchmarks derived from surveys
compiled from IT and IT security practitioners in small, medium, and
large companies," said Larry Ponemon, chairman and founder of the
Ponemon Institute. "Over time, these benchmarks can be used to pinpoint
trends that will help CISOs proactively manage risks within the
ever-changing cybersecurity ecosystem."
A
primary cause of these risks was found to be complex, misaligned
organizations with a lack of security connectivity, scalability and
agility, and too few qualified people to manage security systems.
Trend Micro recommends organizations better prepare themselves against cyber threats by:
- Identifying critical data and building security around this data, taking a risk management approach
- Minimizing the complexity of infrastructure and improving alignment across the security stack
- Improving the ability to protect mobile devices, information and operational technology devices, and cloud infrastructure
- Investing in new talent and existing personnel
- Reviewing
existing security solutions with the latest technologies to detect
advanced threats like ransomware and socially engineered attacks.
- Improving IT security architecture with high interoperability, scalability, and agility
The
Cyber Risk Index will be conducted twice a year to see how
organizations fare over time amidst a rapidly changing threat landscape
and evolving IT security infrastructure.
For more detailed results from the Cyber Risk Index, please visit: https://www.trendmicro.com/en_us/security-intelligence/breaking-news/cyber-risk-index.html