About 93% of businesses across the globe are maintaining or hiking their cyber-security investments in a bid to combat the rising cyber-attacks, while about 83% of them lack information security functions to deal with security issues, a new research revealed.
According to EY’s 16th annual Global Information Security Survey 2013, about 31% of respondents reported 5% rise in the number of security incidents this year.
With companies realising the extent and depth of the threat posed, about 70% of businesses now considering information security at the highest priority.
EY global risk leader Paul Kessel said that the latest survey shows that organisations are moving in the right direction, but more still needs to be done – urgently.
"There are promising signs that the issue is now gaining traction at the highest levels," Kessel said.
"In 2012, none of the information security professionals surveyed reported to senior executives – in 2013 this jumped to 35%."
However, 65% of respondents cited lack of budget as their number one challenge to operating at the levels the business expects, while half of the respondents plan to boost their budget by 5% or more in the following 12 months.
About 14% of overall allocated funds will be invested in security innovation and emerging technologies.
EY global information security leader Ken Allan said that cyber-crime is the greatest threat for organisations’ survival today.
"While budget allocations toward security innovation are inching their way up, enabling organisations to channel more resources toward innovating solutions that can protect them against the great unknown – the future – many information security professionals continue to feel that their budgets are insufficient to address mounting cyber risks," Allan said.
"Organisations need to be more forward-looking. Moreover, if organisations are putting all their energy into addressing current technology issues, how will they protect themselves against technologies that are just around the corner or are about to appear on the horizon?.
"If organisations still don’t have a high level of confidence after four years of mobile device use in the workplace, how will they face the challenge of managing and defending against personal and hosted clouds for example?"
Particularly, the report stressed that the gap between supply and demand is extending, which is creating a sellers’ market, with 50% surveyed citing a deficient skilled resources as an obstacle to value creation.
"A lack of skilled talent is a global issue. It is particularly acute in Europe, where governments and companies are fiercely competing to recruit the brightest talent to their teams from a very small pool," Ken added.
"As a result, while organisations feel they are addressing the right priorities, many indicate that they do not have the skilled resources to support their needs."
"Organisations must undertake more proactive thinking, with tone-from-the-top support. Greater emphasis on improving employee awareness, increasing budgets and devoting more resources to innovating security solutions is needed," Paul said.
"The pace of technology evolution will only accelerate – as will the cyber risks and by not considering risks until they arise gives cyber attackers the advantage, jeopardising an organisation’s survival."
