Explore the survey findings by industry to find out how organizations across sectors are implementing technologies, processes, and people skills to combat today’s sophisticated cyber threats.
As technologies advance, so too do threats and security incidents reported by automotive companies. Compounding risks to data and privacy is the drive to connect to the digital ecosystems of business partners and ultimately consumer devices via the Internet of Things. Many organizations are unprepared for the challenges these evolutions will bring.
As the frequency and costs of information security incidents continue to rise, financial services organizations face increasing threats from insiders and third-party partners, as well as intensified scrutiny from industry regulators.
As the global healthcare ecosystem and consumer demands evolve, the frequency and costs of information security incidents have soared. New partnerships and business models, mobility, data proliferation, and the Internet of Things will further intensify cybersecurity risks among healthcare payers and providers .
While the frequency and costs of security incidents show no signs of leveling off, industrial products companies are continuing to invest heavily in information security programs. As a result, they report advances in essential security processes, technologies, and personnel training. In the coming year, a key area of focus should be improved due diligence of third-party partners.
Incidents detected by power and utilities respondents skyrocketed in 2014, with compromises attributed to sophisticated adversaries like foreign nation-states and organized crime showing the highest year-over-year growth. Attrition in critical strategies, processes, and personnel skills, as well as erosion in fundamental cybersecurity initiatives, may further intensify risks.
Respondents detected 19% more security incidents in 2014, including several very high-profile retail data compromises. Despite the publicity, information security budgets declined over 2013. We also found shortcomings in data governance, increasing threats from third parties and insiders, and a lagging commitment to key strategic security practices.
Technology organizations detected fewer security incidents in 2014, despite a global increase in cyberattacks. Incidents carried out by insiders and nation-states represent particular challenges for many companies, whose identity management and employee training programs often fall short of the mark. On the upside, the tech sector leads the way in adoption of certain strategic security initiatives.
We will publish additional industry-specific reports on the Global State of Information Security® Survey 2015 in the coming weeks. To receive a report specific to your industry, please complete the form below.