infoTECH Feature

October 05, 2015

GTISC: Cybersecurity Top Priority for Growing Number of Firms

These days, it seems like cybersecurity is front and center for a lot of people. From the regular user turning to stronger passwords to the major corporation augmenting its perimeter defenses and looking to encryption to round out the job, cybersecurity is an increasing part of everyone's thinking. A new study from the Georgia Tech Information Security Center (GTISC) reveals that it doesn't just seem that way to the outside viewer: cybersecurity really is a big concern for many out there.                                                             

The GTISC study—titled “Governance of Cybersecurity: 2015 Report”—revealed that boards and executives alike are putting a lot more attention on risk management in the cybersecurity front. The report also compares the results against earlier reports taken from 2008, 2010, and 2012, and found that 63 percent of survey respondents are now actively addressing various topics of cybersecurity. While that number may seem a little low—37 percent essentially aren't addressing such issues—it's a long way up from where it was. Back in just 2012, that number was only 33 percent addressing, which means a near doubling from earlier reports. Indeed, the survey notes that 53 percent of boards have set up a Risk Committee that operates separately from the Audit Committee to help specifically focus on risk. That's up from just 8 percent in 2008, proving some serious gains in the way cybersecurity is perceived.

48 percent of boards were looking into cyber insurance coverage, up from 28 percent just three years ago, and board directors are actually being recruited with a greater eye toward security experience. Fully 59 percent of respondents noted that the board had a director with a degree of risk expertise, and 23 percent had one that was a cybersecurity expert.

Gains weren't limited to just one region or one field, either, though some gains were larger than others. The financial sector, for example, now has a separate Risk Committee at a rate of 86 percent, beating out even its closest competitor, the IT / telecom field, which has a Risk Committee at only half that rate, 43 percent. While little increase has been seen in Asian boards—holding at 38 percent in both 2012 and 2015—98 percent of Asian boards have a separate Risk Committee already. But cyber insurance was on the rise in Europe and North America, with Europe's boards post a 26 percent increase, and North America's doubling from 35 percent in 2012 to 70 percent in 2015.

There's still quite a ways to go, of course; there are still some lags in terms of reviewing security plans regularly and providing the appropriate level of assets to ensure the best chance of protection. But it's clear that a great many gains have been made and businesses of all sizes—particularly larger firms—are taking cybersecurity a lot more seriously. Maybe it's the number of high-profile data breaches, or the recent liability shift being brought into play by the Europay/MasterCard/Visa (EMV) card shift, but whatever the cause, the gains are clear and business is getting a lot more secure. That's good news for everyone who does business with a corporation of most any size, and soon, the threat of data breaches may be a bygone concern.




Edited by Kyle Piscioniere
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers