/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow Us/ciol/media/post_banners/wp-content/uploads/2016/06/ID-10052615.jpg)
MUMBAI, INDIA: As per a new survey, 75 per cent respondents have a significant cybersecurity risk exposure and organizations that report more business-impacting security incidents are 65 per cent more likely to have advanced cyber maturity capabilities
What's notable is that half of those surveyed assess their incident response capabilities as either “ad hoc” or “nonexistent” with less mature organizations continuing to mistakenly struggle with implementing more perimeter technologies as a stop gap measure stop incidents from occurring
RSA has released data demonstrating that organizations that invest in detection and response technologies, rather than perimeter-based solutions, are better poised to defend against cyber incidents. The second annual RSA Cybersecurity Poverty Index, which compiles survey results show that for the second year in a row, 75 per cent of survey respondents have a significant cybersecurity risk exposure. Incident Response (IR) capabilities are particularly underdeveloped.
The survey also showed that most organizations continue to struggle to improve cybersecurity because they don’t understand how cyber risk can impact their operations.
There has been plenty of anecdotal evidence that companies tend to delay investments in cybersecurity until they experience the pain first hand, as the report cautions. In addition, companies which primarily rely on a perimeter defense philosophy are at a greater disadvantage of finding malicious activity, and risk public exposure of critical business assets.
Government and energy organizations ranked lowest across industries in the survey, with only 18 per cent of respondents ranking as developed or advantaged. Organizations in the aerospace and defense industry reported by far the highest level of maturity with 39 per cent of respondents having developed or advantaged capabilities. Financial Services organizations, a sector often cited as industry-leading due to the large volume of cyberattacks it faces, placed in between with 26 per cent rating their firms as well prepared – down from 33 per cent`a year ago.
But what's really interesting is that the reported maturity of organizations in the Americas continued to rank behind both EMEA and APJ. Organizations in EMEA reported the most mature security strategies with 29 per cent ranked as developed or advantaged in overall maturity while only 26 per cent of organizations in APJ and 23 per cent of organizations in the Americas rated as developed or advantaged. EMEA overtook APJ for the top ranking, moving up three percentage points while APJ dropped 13 points.