Cyber security implementation: firms want it, but less do it, finds survey

Despite 99% of respondents stating that making technology resilient to cyber disruptions should be core to their cyber security implementation, only half, ,or 54% to be precise, think they are currently resilient enough to protect against cyber attacks, finds the Resilience Gap  released by Tanium.

The study surveyed over 1,000 UK business decision makers.

97% of respondents believe that there are barriers to achieving resilience , and effective cyber security implementation, broken down as follows:

  • Close to four in ten (38%) blame their organisation’s growing complexity as one of the biggest barriers to building business resilience.
  • One fifth (21%) blame siloed business units.
  • Over a third (35%) say the issue lies with the hackers being more sophisticated than IT teams.
  • 21% claim that they don’t have the skills needed within the company to accurately detect cyber breaches in real-time.
  • and nearly a third (27%) claim that poor visibility of entry points are barriers to resilience.

Matt Ellard, Managing Director of EMEA at Tanium commented: “The speed of digital transformation has led organisations to purchase multiple tools to solve IT security and operations challenges, which is leaving IT infrastructures vulnerable to threats. Business resilience is fundamental to any strategy for long-term growth, yet the findings suggest that many UK businesses still have a long way to go. Organisations need to build a strategy for business resilience, and that starts with ensuring they have real-time visibility of where threats exist across their network, most crucially at the endpoints. If you can’t pinpoint current vulnerabilities or the origin of a threat, how can you expect to defend against them?”

AI for cyber, you don’t need to know what the threat is, just the network, says Darktrace imageAI for cyber, you don’t need to know what the threat is, just the network, says Darktrace

AI is helping Darktrace fight the good fight against the bad guys in the cyber world, but AI cyber security does it by understanding networks; it doesn’t need to look for a viruses signature, then again, cyber criminals are adopting AI too, or so Darktrace’s Max Heinemeyer told Information Age.

The study also revealed gaps in accountability and trust across organisations. One of the main reasons why organisations are unable to achieve business resilience against disruptions such as cyber threats is due to growing confusion internally on where the responsibility for resilience lies:

  • Over a quarter (28%) believe it should be the responsibility of the CIO or Head of IT,
  • the same amount (28%) say every employee should be responsible,
  • while 13% state full responsibility lies with the CEO alone. One in ten (11%) claim it falls to senior leadership / management.

Fighting cyber crime needs security champions imageWe are the champions: fighting cyber crime needs security champions

Cyber crime is as much about people as it is about technology — and fighting it requires people too, and darn good communication

“Businesses are becoming entirely dependent upon their technology platforms,” continued Ellard. “But if that technology stops running, the business will too – with potentially serious consequences for sales, customer confidence, and brand equity – not to mention productivity. To deliver resilience, a new discipline needs to be instilled across governments and enterprise organisations. This discipline is more than prevention. It’s more than recovery. It’s a shared practice that should unite IT, operations and security teams to ensure strong security fundamentals are embedded across the entire company network. Only then can organisations act – and react – in real-time to threats.”

Avatar photo

Michael Baxter

.Michael Baxter is a tech, economic and investment journalist. He has written four books, including iDisrupted and Living in the age of the jerk. He is the editor of and the host of the ESG...

Related Topics