Over 60% of companies worldwide feel more at risk of cyberattack than they did a year ago. Budgets have not yet caught up with the growth of cybercrime in volume or sophistication: only 12% of organizations claim to be able to detect a sophisticated attack with the means currently available to them. Malware and phishing are the two main concerns, and negligent or unaware employees are named as the most likely cause of a successful attack. Without a decisive and comprehensive leap forward on the cybersecurity front, digital transformation risks becoming a boomerang.
This picture of deep concern and limited capacity to react is drawn by the twentieth edition of the EY Global Information Security Survey, entitled "Cybersecurity regained: preparing to face cyber attacks", which highlights alarming numbers and trends. The survey, conducted on a sample of about 1,200 top managers of the largest companies in the world, shows that only 4% of organizations appropriately monitor all relevant risks in terms of threats and vulnerabilities. No wonder, then, that the feeling of security is at a low: 65% of the top managers surveyed believe they are more at risk today than 12 months ago. They attribute this perception to the rapid acceleration of connectivity within company activities, a digital spread that companies are not addressing as they should from the point of view of information security. This holds above all for investment: 90% of companies expect to increase budget resources, but not enough to speak of a turning point. Almost 90% of managers consider an increase in investment of 50% necessary, but few companies will see growth of that order (only 12% estimate an increase of over 25%).
But beware, the EY report warns, of considering the matter only from an economic point of view. Defending against cybercrime also requires strategy and, even before that, an adequate understanding of the phenomenon (which one-fifth of companies lack). Today, among the direct and indirect costs an attack can cause, we must also count the loss of reputation and sanctions such as those foreseen by the GDPR, whose entry into force is now imminent. The high level of connectivity and the role played by the IoT offer potential attackers the opportunity to interfere with the functioning of industrial systems and even with devices that may endanger people's lives,
The expansion of the range of criminal activity is there for all to see. Companies today have to face different kinds of attack, coming from various sources and often simultaneously: from attackers who exploit known vulnerabilities with tools easily available on the market and requiring little experience, to those who exploit advanced, complex and often unknown vulnerabilities using sophisticated technologies. Then there is the category of emerging attacks, which aim at unprecedented attack vectors and at vulnerabilities enabled by new technologies (think of malware that mines cryptocurrency without the user's knowledge).
However, the most successful recent cyberattacks have largely relied on classical methods that exploit known vulnerabilities, a clear sign of how much the cybercrime phenomenon is underestimated. Even today, the report adds, malware and phishing are perceived as the threats that have most increased organizations' risk exposure in the last 12 months, while negligent or unaware employees are considered the most likely cause of an attack, more so than organized crime and malicious employees.
"It is important to start thinking with a view to greater collaboration in the fight against the single enemy. I believe that in the future companies will work together to share knowledge and increase cyber resilience that revolves around three principles: protect, detect and react. These imperatives are today more important than ever. Companies that understand the threat landscape and focus on security right from the design stage, building strong defenses, will have a greater chance to cancel the attacks, identify them first and respond in an effective way."
Cybersecurity Expert, Chief Information Security Officer (CISO), and Certified Information Systems Auditor (CISA)
Copyright 2013. John Giordani. All Rights Reserved.