We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
RSS FeedRisk

Companies still unprepared for cyber attacks, says Deloitte


Mobile and bring your own device (BYOD) were also cited as challenges to IT security teams

Article comments

Many enterprises around the world think they are prepared for cyber attacks but the reality is that any organisation is at risk of a security breach, global advisory firm Deloitte has warned.

Deloitte released the results from its sixth annual global Cyber Security Survey which was conducted with 121 technology, media and telecommunications companies. Fifteen per cent of the participants were from the Asia Pacific region.

The survey found that 88 per cent of executives who took part did not see their company as vulnerable. In addition, 60 per cent of participants rated their ability to respond to newly developed threats as either average or high.

According to Deloitte technology risk leader Dean Kingsley, this attitude needed to change as most passwords can be cracked in five hours.

"Businesses need to assume a breach will happen and prepare accordingly by shifting from pure prevention to detection and response planning," he said in a statement.

"The goal is to create a resilient organisation that can bounce back quickly from attacks."

Despite the confident attitudes expressed by executives, the survey results also found that 59 per cent of participants had experienced a security breach in 2012 while 78 per cent cited breaches at third parties as one of their top three threats.

"Companies need to move beyond pure contractual arrangements with their suppliers and other third parties, such as government agencies, and be more willing to co-operate in order to reduce weak links," Kingsley said.

According to the survey, only 30 per cent of respondents believed that the third party organisations they work with are taking enough responsibility for cyber security.

Mobile and bring your own device (BYOD) were also cited as challenges to IT security teams with 74 per cent of executives ranking it as their second biggest risk. However, only 52 per cent said they had specific BYOD policies in place and 10 per cent did not address mobile security risks at all.

According to Deloitte Australia national security and resilience lead Tommy Viljoen, hacktivisim was referred to in the survey for the first time with 63 per cent rating it as a "major concern."

"This vulnerability to hacktivism reflects that cyber attacks can now come from anywhere, and be prompted by perceived controversial business practices and decisions, often highlighted through social media," he said.

"Recognising the threat of hacktivisim, organisations are starting to gather intelligence relating to it and other types of cyber crime incidents."

Over 50 per cent of executives stated that they collect general information about hacktivism while 40 per cent collect information about attacks specifically targeting their organisation, industry, brand or customers.

Share:

Comments

Companies still unprepared for cyber attacks, says Deloitte
Risk

Energy risk: How data is eating up all the energy

Energy risk: How data is eating up all the energy

Any failure in energy supplies to data servers can result in severe consequencesmore ..


EMEA corporate upgrades outnumber downgrades, says Moody’s

Rating agency notes first such instance since the financial crisis yearsmore ..

World hit by record wave of 'mega' data breaches in 2013

Over half a billion records compromisedmore ..

CFOs bullish on UK growth prospects

Finance chiefs' appetite for risk has doubled that of a year agomore ..

Why BYOD needs to be on every CFO’s agenda

The Software Alliance explains why BYOD can be a legal nightmare for businessesmore ..

Audits key to managing cyber risks

Cybersecurity controls and reporting procedures should be assessed annuallymore ..

Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.



In Depth
How M&A teams can create value by challenging the CEO

How M&A teams can create value by challenging the CEO

A typical “hold” period of nine to 18 months can generate increased sale value more ..

In Depth
What every company needs to do about big data?

What every company needs to do about big data?

In the first of a three part series, Pat Brans explores just how big 'big data' will get? more ..

Advertisement

* *