A new EY survey says 50 percent of C-suite and information technology executives think their organizations are capable to detect a cyber attack as a result of investments in threat intelligence platforms, security operations centers and continuous monitoring tools.
EY said Wednesday it polled 1,735 C-level executives and IT professionals from companies worldwide between June and August as part of the Global Information Security Survey.
The survey also found that 86 percent of respondents said their companies’ cyber functions do not measure up to their organizations’ requirements, while 48 percent considered obsolete data security controls as their highest vulnerability.
Cyber attacks related to theft of financial data and intellectual property both showed a 12 percent rise over the previous year, while malware and phishing attacks showed a 9 percent and 7 percent increase from the past year.
Fifty-seven percent of C-suite and IT executives said they consider disaster recovery and business continuity as their top priority, but only 39 percent said they plan to spend on such efforts in the coming year.
Companies “need to think beyond just protection and security to ‘cyber resilience’ – an organization-wide response that helps them prepare for and fully address these inevitable cybersecurity incidents,†said Paul van Kessel, global advisory cybersecurity leader at EY.
The survey also cited budget constraints as well as lack of executive support and skilled resources as challenges to organizations’ data security functions.
EY noted that 42 percent of survey respondents said their organizations lack a communications strategy in the event of a cyber attack, while more than 60 percent of executives said they are less likely to raise their cyber spending following a breach that did not impact their operations.