December 6, 2016
The UK falls below the global confidence in ability to accurately assess cyber risk, which has dropped 12 percentage points over 2016, a survey has revealed.
The world’s information security professionals gave global cyber readiness a C-average, with a score of just 70%, according to Tenable Network Security’s Global cybersecurity assurance report card for 2017.
The scorecard is based on a poll of 700 security practitioners in nine countries and across seven industry verticals to calculate a global index score reflecting overall confidence in the world’s cyber defences.
According to this year’s data, global cyber security confidence fell six points over 2016, but overall decline in confidence is the result of a 12-point drop in the 2017 Risk Assessment Index, which measured the ability of respondents to assess cyber risk across 11 key components of the enterprise information technology (IT) landscape.
In the UK, confidence among respondents in their organisation’s ability to assess risks has taken a significant knock, falling from 73% to 59% – a 14% drop. Security assurance has also taken a slight dent, falling from 74% to 73%. This gives the UK an overall score of 66%, a D-grade classed as a “fail”.
Overall, respondents cited the “overwhelming cyber threat environment” as the single biggest challenge facing IT security professionals today, followed closely by “low security awareness among employees” and “lack of network visibility” due to bring your own device (BYOD) practices and shadow IT.
“Today’s network is constantly changing – mobile devices, cloud, internet of things, web apps, containers, virtual machines – and the data indicates that a lot of organisations lack the visibility they need to feel confident in their security posture,” said Cris Thomas, strategist at Tenable Network Security.
“It’s pretty clear that newer technologies such as DevOps and containers contributed to driving the overall score down, but the real story isn’t just one or two things that need improvement, it’s that everything needs improvement,” he said.