Misco Cookie Policy
We use cookies to give you the best possible experience on our website. To find out more, view our cookie policy. By closing this message and continued use of our website means that you give your consent to our use of cookies.
Continue

Survey finds UK CIOs are over-confident about cyber security


Survey finds UK CIOs are over-confident about cyber security
23rd February 2016

by Shannon Greenhalgh

According to a survey commissioned by security firm Carbon Black, over a quarter of UK CIOs admit not being concerned about security breaches or the time dedicated to discovering them, Computer Weekly reports.

However, more than eight in 10 (85%) said they are not proactively looking for threats and only deal with them when breaches are discovered.

Despite this, 82% of respondents said they were under increasing pressure from the company to more speedily prevent, detect and respond to security incidents, especially those in the financial sector.

The survey also highlighted a worrying gap between CIOs' expectations of threat discovery and response, and reality.

Ponemon Institute research found it took an average of 256 days to detect a breach and a further 100-120 days to correct the threat once an attack had occurred. They estimated the average cost to be $3.8m (£2.7m).

However, those surveyed by Carbon Black thought a breach could be uncovered in an average of 60 days. Over a quarter (26%) thought that they would be able to uncover a breach in less than 14 days, while 15% said less than 30 days, 18% said less than 90, and 14% said it would take up to 180 days.

Chief strategist for Carbon Black, Ben Johnson, said: "These results are shocking and unbelievable because none of those polled believe they can be breached without them knowing about it."

The survey also found many of the tools implemented by companies were not equipped to deal with the new range of attacks.

Firewalls and antivirus (AV) were found to be the most common tools in place, with 94% and 90%, respectively. This was followed by encryption (64%), intrusion detection systems (62%) and advanced end point protection (44%).

Share:

Join our mailing list

IT News Archive