MOST CYBER SECURITY PREFESSIONALS EXPECT A MAJOR BREACH IN THE NEXT YEAR
More than two thirds of information security professionals expect a major breach in the next 12 months, according to a report.
In Black Hat’s most recent attendee report, 72 per cent of those questioned said their organisations are likely to have to respond to a major breach over the next year.
15 per cent said they have “no doubt” this will happen, 25 per cent said it is “highly likely” and 32 per cent said such an incident is “somewhat likely”. The figure has remained fairly steady since 2015, when 73 per cent of those in attendance thought a major breach was imminent at their companies.
Only 26 per cent of workers in the industry believe their firms have enough security staff to defend against current threats, with the majority feeling the effects of a worldwide shortage in cyber security talent that is putting businesses at risk.
37 per cent said a shortage of qualified people and skills is the number one reason their security strategies fail. The second most prevalent reason was a lack of commitment and support from top management, cited by 22 per cent.
There was also broad agreement on the top threat to emerge in last 12 months, with 37 per cent pointing to the rapid increase in ransomware attacks, while 20 per cent said targeted social engineering attacks were a big concern.
Yet the human factor was revealed as security teams’ biggest problem, with 28 per cent saying the weakest link in businesses’ defences is end users who violate security policy and are too easily fooled by social engineering attacks.
46 per cent are concerned by phishing, social network exploits and other social engineering attacks, while 43 per cent were worried about sophisticated cyber attacks directly targeting their firms and 20 per cent pointed to vulnerabilities introduced by their own dev teams.