PricewaterhouseCoopers released their 16th annual Global State of Information Security Report for 2014, and finding show that despite an increase in security events and losses, confidence in security strategies is also up.
The report was conducted in association with CIO and CSO magazines and includes 9,600 responses from executives around the globe, including CEOs, CFOs, CIOs, CISOs, CSOs, VPs, and directors of IT and security from several industry verticals.
“You can’t fight today’s threats with yesterday’s strategies. What’s needed is a new model of information security, one that is driven by knowledge of threats, assets, and the motives and targets of potential adversaries,” said PwC’s Gary Loveland.
On the upside, security practitioners and leadership are more confident in their security stature than before:
- 74% of respondents believe their security activities are effective
- 4% of CEOs saying they are confident in strategies
- 50% say they have an effective security strategy in place
- Security budgets average $4.3 million this year, a gain of 51% over 2012
Conversely, incidents and losses have also increased measurably:
- The number of incidents detected in the past 12 months increased by 25% (33% in U.S. alone)
- Lost or damaged internal records jumped more than 100% over last year
- Average losses are up 18% over last year
- Losses of $10 million or more are up 51% from 2011 levels
- Hackers took top threat spot, followed by competitors, organized crime, and hacktivists
“While organizations have made significant security improvements, they have not kept pace with today’s determined adversaries. As a result, many rely on yesterday’s security practices to combat today’s threats,” the report notes.
Read More Here…