Businesses acknowledge that boosting cybersecurity is still a work in progress, according to new research by CompTIA. The “State of Cybersecurity” report said that while a majority of respondents in each of seven geographic regions feels that their company’s cybersecurity is satisfactory, a much smaller number rank the situation as “completely satisfactory.” Nearly everyone feels that there is room for improvement.
The researchers polled people in the U.S., Canada, the U.K., Benelux, Germany, Asia and Australia.
In the United States, net satisfaction rose (from 70 to 75 percent), but the rating of complete satisfaction dropped (from 29 to 24 percent).
“In many ways, the field of cybersecurity is a reaction to the ways that enterprise IT evolves,” the report said. “After all, the need for cybersecurity only comes after technology has been implemented. This dynamic has intensified in recent years, as businesses aggressively pursue technology with the tendency to treat cybersecurity as a secondary consideration.”
The top three concerns expressed by respondents were:
- The growing number of cybercriminals (52 percent)
- Privacy concerns and building trust (47 percent)
- The variety of attacks (47 percent)
Three data points show the explosive cybersecurity landscape:
- Cybersecurity Ventures reports that the global financial damages from cybercrime totaled $6.1 trillion in 2021. This number is expected to grow 15 percent year-over-year, reaching $10.5 trillion by 2025.
- The costs of cybersecurity incidents go beyond the recovery of stolen data or the payments made due to ransomware attacks.
- Reputational damage can have large ripple effects, such as lost business from customers leaving or time spent negotiating new contracts if partners and suppliers have lost faith.
“Companies are aware of the threats they face and the potential consequences of an attack or breach,” said Seth Robinson, vice president, industry research at CompTIA. “But they may be underestimating their exposure and how much they need to invest in cybersecurity. Risk mitigation is the key, the filter through which everything should be viewed.”
CompTIA’s “State of Cybersecurity” report is based on a Q3 2022 survey of technology and business professionals involved in cybersecurity. There were 500 respondents from the U.S. and 125 from each of six other regions around the world.
What does this mean for flyover country?
While cybersecurity is always a top priority for businesses, no business has unlimited resources. Organizations are having to make choices between the best, most secure options and the amount of money they are able or willing to spend. That’s not really news, but companies should probably work toward stronger security (implement a zero-trust framework) and more employee awareness to continue to keep their assets and data secure.