Sign up for our newsletter
Technology / Cybersecurity

Organisations not doing enough to defend against cybercrime

Organisations still have not been doing enough to protect themselves from both internal and external cyber crime, whilst the threat of cybercrime is on rise, a new survey from PwC and CSO Magazine has claimed.

The survey titled, ‘the 2013 State of Cybercrime’, revealed that despite all of the recent awareness surrounding cybersecurity, there had been modest movement in key indicators.

PwC Advisory Practice principal David Burg said that the facts are clear – today’s organisations are not taking the necessary steps to mitigate the risk of cybercrime, even in the face of increasingly serious and frequent threats.

"PwC believes the time is now for organizations to take action," Burg said.

White papers from our partners

"Cybersecurity is a business imperative, and senior executives and Boards need to understand the challenges, educate their employees to raise awareness and increase vigilance, and apply cyber threat intelligence to help abate risks from sophisticated threat actors."

Over 40% of survey respondents’ claim that the number of cybersecurity events at their companies had been constant, while one-fifth reported of slight rises.

The majority of respondents indicated insider crimes would probably cause more damage to an organisation compared to external attacks, while about one-fifth of respondents claimed hackers as the greatest risk to their business.

"One of the key elements in defending against insider attacks is employee training and awareness," Burg added.

"Insider threat actors often show early warning signs of malicious intent that IT security tools cannot detect, but which employees and managers will notice – and can respond accordingly."

However, 30% reported that they do not have a formal plan outlining policies for reporting and responding to cybersecurity events at their organisation.

"One of the key elements in defending against insider attacks is employee training and awareness," Burg added.

"Insider threat actors often show early warning signs of malicious intent that IT security tools cannot detect, but which employees and managers will notice – and can respond accordingly."
This article is from the CBROnline archive: some formatting and images may not be present.

CBR Staff Writer

CBR Online legacy content.