Security Risk Management

InfoSec Breakdown: Latest Research Shows a Shift in Priorities

Noah Simon | April 1, 2015

Recent reports and surveys show that organizations concentrated greater efforts toward cyber security in 2014 than they have in years past. Furthermore, cyber security has become a greater priority for IT professionals facing a variety of challenges. The following statistics are indicative of these shifts:

  • 84% of IT professionals see monitoring security events as a key area of concern. 

According to a recent Protiviti study, IT decision makers are prioritizing cyber security issues more than they have in past years. On a 10 point scale, those surveyed rated monitoring security events at 7.0 (up from 6.4 in 2014). Incident response time was rated at 6.9 (up from 6.3 in 2014). While other categories such as virtualization and enterprise architecture ranked among the highest priorities, the vast majority of IT priorities listed for 2015 were directly tied to mitigating cyber risk.

  • 59% of IT decision makers indicated a desire to track and monitor third-parties, yet only 22% do so on a monthly basis.
A recent study commissioned by Forrester on behalf of BitSight Technologies reveals that IT professionals are putting in greater effort and resources on ensuring the security of third-parties and vendors. In this survey, ensuring that business partners and vendors meet security requirements ranked third on a list of IT security priorities set for the next year.
  • 69% of breaches are detected by an external entity.

In Mandiant’s 2015 M-Trends Threat Report, 31% of organizations surveyed discovered breaches internally. However, the report did show that on average, the amount of time taken to discover a breach is down from 2013. 

  • The average information security budget fell 4% in 2014 to an average of $4.1 million dollars.
According to PwC’s 2015 Global Information Security Survey, 2014 was the first time in three years that security spending did not increase. However, 51% of respondents said they had purchased a cyber insurance policy.

Looking Ahead

As data breaches dominated headlines in 2014, it is not a surprise that priorities have shifted towards strengthening cyber security. While large-scale breaches will continue to emerge, it will be interesting to see if these new priorities will translate into stronger security postures.

Suggested Posts

Mitigating Risk in Your Expanding Digital Ecosystem

As time goes on, organizations are taking on more and more new digital transformation initiatives to become increasingly agile and boost productivity — dramatically transforming the number of digital touchpoints employees interact with on...

READ MORE »

3 Ways to Ensure Best-in-Class Third Party Cyber Risk Management

An effective third party cyber risk management program both identifies potential threats and finds ways to mitigate them. Organizations should aspire to the highest possible standards when it comes to their security posture. To do so, they...

READ MORE »

Cyber Risk Should Be A Growing Concern to the Municipal Bond Market

Following an increase in ransomware cyber attacks, most notably May 2017’s WannaCry attack, U.S. public sector entities are starting to see the effects of these attacks on the almost $4 trillion municipal debt market. As a result, issuers...

READ MORE »

Subscribe to get security news and updates in your inbox.