90% of the organizations have a high or medium degree of cybersecurity vulnerability: Study

The study was based on a survey of 1500 plus respondents from board level to the security professionals

As much as 90% of the respondents have a high or medium degree of vulnerability to cyber attacks, finds a new study released by Tanium and NASDAQ.

The study, called The Accountability Gap: Cybersecurity & Building a Culture of Responsibility, was based on a survey of 1530 respondents across eight countries and sought to identify and understand where the gaps exist across all organizational levels around cybersecurity vulnerability from a people, process, and technology perspective. The cybersecurity vulnerability was assessed around seven inherent challenges:  Cyber Literacy, Risk Appetite, Threat Intelligence, Legislation & Regulation, Network Resilience, Response, and Behavior.  A research team at Goldsmiths, University of London developed a statistical model for scoring readiness, awareness and vulnerability for all these challenges. The respondents were non-executive directors (NED), C-level executives, Chief Information Officers (CIO), and Chief Information Security Officers (CISO).

The study found that 10% of the respondents have a high level of vulnerability and will likely reach crisis if they do not act quickly to address their cybersecurity posture. Another 80% of the respondents have a medium level of vulnerability and only 10% of the respondents have a low level of vulnerability, but there are still risks.

These are some of the findings

Awareness

  • 91% of the high vulnerable board members say they can’t interpret a cybersecurity report
  • Only 10% of the high vulnerable respondents agree that they are regularly updated with information about the types of threats to cybersecurity that are pertinent to their business
  • The low vulnerable respondents are 31% more likely than the high vulnerable respondents to have assessed the likely losses associated with cyberattacks

Readiness

  • 98% of the high vulnerable executives are not confident their organization tracks all devices and users on their system at all time
  • 87% of the high vulnerable board members and executives don’t consider their malware, antivirus software, and patches to be 100% up-to-date at all times
  • Only 9% of the high vulnerable board members said their systems were regularly updated in response to new cyber threats.

 

Add new comment