GEC NEWS WIRERSA released data demonstrating that organizations who invest in detection and response technologies, rather than perimeter-based solutions, are better poised to defend against cyber incidents.
The second annual RSA Cybersecurity Poverty Index, which compiles survey results from 878 respondents across 81 countries and more than 24 industries and gave participants the chance to self-assess the maturity of their cybersecurity programs leveraging the NIST Cybersecurity Framework (CSF) as the measuring stick.
The report found that for the second year in a row, 75% of survey respondents have a significant cybersecurity risk exposure. Incident Response (IR) capabilities are particularly underdeveloped.
One of the most significant changes from the 2015 survey was the increase in the number of organizations with mature cybersecurity programs. The percentage of organizations reporting advantaged capabilities – the highest category – increased by more than half over the prior Index, from 4.9% to 7.4%. But organizations’ overall perception of their cybersecurity preparedness continued to lag.
Amit Yoran, President, RSA, The Security Division of EMC said, “This second round of cybersecurity research provides tangible evidence that organizations of all sizes, in all industries and from all geographies feel unprepared for the threats they are facing. We need to change the way we are thinking about security, to focus on more than just prevention – to develop a strategy that emphasizes detection and response.”
