Every year PWC survey businesses in the “Global State of Information Security Survey”. The 2016 findings have been published in the document entitled “Turnaround and transformation in cybersecurity“. It’s an interesting read (as it has lots of graphics, I’m not that much of a nerd). Here are the headlines though:
It ain’t all doom and gloom – there are plenty of innovative security companies out there coming up with innovative security solution. Seric already work with some of these, like ZoneFox or IBM (yes – IBM are innovative!)
Weigh up the risk – 91% of those surveyed use a risk-based approach to cyber security. That really is the only effective way to do it and is the methodology Seric have been using for several years. There is no point in spending 10 million pounds, protecting 1 million pounds, if there is a 1% chance that it might be targeted.
Who’s the enemy?!– look at the Sources of Security Incidents Graph. Who is the source of the security incidents? A hacker? A foreign nation? No, It’s employees, partners and contractors! Now this might be down to my interpretation. Maybe someone hacks in and steals the users account and then does something that triggers a security incident but to me, in that case, the source would be classified a hacker and not an employee. So most of the security incidents are from staff, partners, suppliers, all things we have direct control over and can actually do something about. Zonefox definitely helps out here, as does IBM Cloud Security Enforcer and several other products. And don’t forget securing your supply chain. Make sure your partners, contractors and suppliers all comply to some sort of cyber security standard, such as Cyber Essentials.