According to the latest research the Economist Intelligence Unit (EIU) conducted on behalf of Proofpoint, many cybersecurity professionals feel confident in their ability to defend their organization from attackers. But some are less sure than others. At healthcare companies, for example, a bare majority (56%) agreed they could adequately prevent, detect, and respond to a data breach.
What are the major obstacles to best practice according to IT executives? Below we highlight three. Read the full report to get the full story.
THREE TOP CYBERSECURITY OBSTACLES
1) Managing vendor security
Perhaps the most serious obstacle decisionmakers cited is ensuring effective cybersecurity behavior by employees with contractors, contingent workers and other vendors. Especially as manufacturers adopt the Internet of Things (IoT), this issue will become more urgent.
Less than half of respondents (48%) say pre-employment screening and background checks are applied equally to contractors and contingent workers. Many organizations had poor or inconsistent enforcement of data access policies (27%). And a substantial group (37%) says they apply only to full-time employees.
2) Coordinating policies across lines of business (LOBs)
Many respondents (24%) also cited difficulty coordinating policies around LOBs and functional areas. Especially at large organizations, implementing a layered defense across each team and vendor can be a huge challenge. As Atlassian CISO Adrian Ludwig put it,
“Unfortunately, every security leader I’ve spoken with agrees that data security has a long history of poorly defined expectations and poorly implemented technology that one way or another makes security difficult.”
(You can hear more from Mr. Ludwig in our podcast interview with him.)
The biggest obstacle to overcoming people-centered cyber-security threats are, of course, people themselves. “People have a lot to do, and while they care about security, they don’t think about it amidst revenue targets and other goals,” continued Mr. Ludwig. And, as Proofpoint’s latest research indicates, your very attacked people (VAPs) are not necessarily your VIPs. People in lower-management roles are targeted in nearly 8% more email-based malware and phishing attacks.
Want to get more insights from The Economist Intelligence Unit? Get your copy of the full report here.