In a new study on cyber resilience, over 70% of respondents said leadership influence is crucial. Less than half of companies believe they can cope with a cyber attack.
A recent study from Palo Alto Networks and IDC shows that there is a consensus among the 735 companies surveyed in EMEA and LATAM about the critical importance of cyber resilience for businesses. The influence of management is becoming increasingly important:
- 72 percent of all respondents say that senior management is the main driving force in focusing on cyber resilience.
- Only 17 percent attribute overall responsibility to the Chief Information Security Officer (CISO).
- According to 29 percent of those surveyed, Chief Information Officers (CIOs) are responsible, Chief Technology Officers (CTOs) according to 22 percent and the heads of business units according to 19 percent.
- In the DACH region, however, CISOs are given the greatest responsibility.
- Only 38 percent of CISOs in EMEA and LATAM believe their cyber resilience is mature.
- Only 40 percent of companies in EMEA and LATAM believe they can survive a cyberattack without major disruption.
Challenges in implementing cyber-resilient technology
Although 78 percent of companies in EMEA and LATAM recognize the importance of cyber resilience, only 38 percent of companies surveyed in DACH see the topic as a priority. In addition, the shortage of skilled workers and the lack of new security technologies prevent expectations and reality from matching when implementing cyber security measures. Companies also cite a lack of integration options between different products as a challenge when implementing cyber security solutions.
The study also points out a number of technological challenges:
- The use of sophisticated cybersecurity controls for cyber resilience is only 11 percent among respondents in EMEA and LATAM.
- Most companies rely on business continuity plans (74 percent), disaster recovery plans (72 percent), ransomware recovery plans (54 percent) and crisis management strategies (51 percent).
- In the DACH region, only 15 to 19 percent of CISOs regularly test their recovery plans. This is well below the average of all countries examined (28 percent) and shows the discrepancy between the intention and execution of cyber security measures.
Proper technology is crucial for cyber resilience
Klaus Bürg, VP & Managing Director EMEA at Palo Alto Networks, said: “Many companies do not yet have the resources to implement cyber-resilient threat defense technology. Instead, they must rely heavily on tactics like disaster recovery that are designed to respond to incidents rather than prevent them. This leaves organizations exposed to more threats and unable to plan for future risks.”
Investments in new technologies should help bridge the gap between cyber strategy and execution. According to the study results, companies in the DACH region are investing primarily in cloud and network security – the largest attack vectors at the moment.
Bürg would also like to see a cultural change: “The 'culture of cyber awareness' is the most important element of cyber resilience, which must be located at the board level and work top-down. “The right technology then determines the success of the cyber resilience strategy,” he concludes.
More at PaloAltoNetworks.de
About Palo Alto Networks Palo Alto Networks, the global leader in cybersecurity solutions, is shaping the cloud-based future with technologies that transform the way people and businesses work. Our mission is to be the preferred cybersecurity partner and protect our digital way of life. We help you address the world's biggest security challenges with continuous innovation leveraging the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are the leaders in protecting tens of thousands of businesses across clouds, networks and mobile devices. Our vision is a world where every day is safer than the one before.