Top five key messages of the ISACA cybersecurity report

ISACA (Information Systems Audit and Control Organization), an IT governance association, has recently released a survey on cyber security. This survey is the second part of the association’s annual State of Cyber Security report. The survey received responses from 633 ISACA members who occupy different positions in cyber security or IT. The primary aim of the survey was to assess how well prepared to potential cyber threats most organizations are. According to the results, 80% of security top management representatives suppose their company will be hacked this year and only few of them feel well-prepared to combat it. In this regard it could be concluded that companies are simply not ready to keep pace with growing even more hostile cyberthreat environment.

Christos Dimitriadis, ISACA board chair and group head of information security at INTRALOT, states that “there is a significant and concerning gap between the threats an organization faces and its readiness to address those threats in a timely or effective manner”. He also adds: “Cybersecurity professionals face huge demands to secure organizational infrastructure, and teams need to be properly trained, resourced, and prepared.”

What hampers the industry? Below are top five problem areas of global cybersecurity set out in the survey:

1. IoT as the largest area of concern

IoT is developing so rapidly that concerns for its security gradually replace mobile device security. Security of IoT devices today should be at the top of the priority list for many organizations throughout this year. Cybersecurity specialists and top management must by all means secure all IoT devices and have necessary protocols in place to quickly respond to unexpected IoT cyber threat.

2. Staff shortage

Lack of personnel is a perpetual problem of cybersecurity industry. It creates an enormous barrier and significantly slows down the fight against cyber criminals. According to ISACA survey, the situation is now being improved and companies have already started to hire chief information security officers — for example, this year, 65% of companies report they have CISO in the staff, compared to 50% last year. But still, leaders are trying to fill all the open positions at lower level than needed.

3. Ransomware — the digital plague of today

Ransomware is flourishing and spreading at a furious pace. However, safeguard measures lag behind that rapid development. Ransomware usually infects computers when a user opens attachments to emails from senders who pretend to be legitimate. According to the ISACA survey, 78% of polled said their company experienced cyber attack including malicious software last year. 62% of respondents reported they suffered exactly ransomware attack. And present-day statistics paint a bleak picture of the problem: only 53% of companies have all necessary measures in place to defend against ransomware.

4. Cyber threat environment is getting severe

The cyber threat environment is changing and becoming more chaleenging than ever. Millions of cyber attacks happen every day in the world. ISACA report finds that 53% of respondents witnessed an increase in 2016. 80% are fully confident they will be attacked this year.

5. Slight budget increase

This is an age-old problem. 50% of businesses hope that investment in cybersecurity will grow and its budgets will increase in the near future. The report states that although a positive trend towards investment in information security is observed, the growth speed is too slow.

The ISACA report concluded that even though there is the rise of CISOs in organizations and a growing commitment to securing confidential data, companies should bear in mind that the number of malicious attacks is increasing and hackers issue a challenge to global enterprises so there is too much to do.

More publications from Falcongaze company you may find on our website at

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.