19 Feb 15. A new study commissioned by Raytheon in partnership with Ponemon Institute reveals CISOs foresee cyber terrorism and cybercrime posing significant risks to their organizations over the next three years. The Global Megatrends in Cybersecurity 2015 survey of 1,006 cyber security CIOs, CISOs and senior IT leaders also found a lack of resources and a critical disconnect between CISOs and senior leadership are preventing companies from addressing the growing cybersecurity threats. A majority of respondents (78 percent) said their Board of Directors has not been briefed on their organization’s cybersecurity strategy in the last 12 months. In addition, 66 percent of respondents believe senior leaders in their organization do not perceive cybersecurity as a strategic priority.
“You don’t have to wait until you’re attacked to take cybersecurity seriously,” said Jack Harrington, vice president of cybersecurity and special missions at Raytheon Intelligence, Information and Services. “From the board room to the President’s desk, rallying around the cybersecurity issue is critical to address the real threats we face as a global society.
Among the findings were also some signs of optimism, as a majority of those surveyed believe cybersecurity awareness through training will improve over the next three years. The survey of information security professionals from across the globe further indicated that most security professionals expect their organization’s cyber posture to improve during that same timeframe.
“High-profile cybersecurity breaches are closing the gap between CISOs and CEOs by forcing meaningful security discussions into corner offices and boardrooms,” said Larry Ponemon, chairman and founder of Ponemon Institute. “In the meantime, our study found there is still a large delta between resources and needs, as security leaders lack both funding and manpower to adequately protect assets and infrastructure.”
Key findings include:
* Current state of cybersecurity across industries:
*Less than half of respondents (47 percent) believe their organizations take appropriate steps to comply with the leading cybersecurity standards.
*Only one-third of those surveyed believe their organizations are prepared to deal with the cybersecurity risks associated with the Internet of things (IoT) and the proliferation of IoT devices.
*Fewer than half of all respondents (47 percent) say their organizations have sufficient resources to meet cybersecurity requirements.
*Two-thirds (66 percent) of those surveyed indicated their organizations need more knowledgeable and experienced cybersecurity practitioners.
* Anticipated cyber trends across industries in the next three years:
*Nearly half (47 percent) of respondents believe zero-day threats will become one of the most prevalent cyber threats.
*More than one-third (35 percent) believes attacks on critical infrastructure will become one of the world’s five most prevalent threats.
*Senior IT leaders see the use of virtual currencies as a low risk to their organizations today but becoming a very high risk to their organizations in the future.
*Surveyed CISOs believe that when it comes to cybersecurity, the three most important technologies in the future will involve big data analytics, forensics and next-gen firewalls.
The survey, released in partnership with Ponemon Institute, also studied international cyber trends that are anticipated by security professionals in the Middle East, North Africa, and Europe, including the U.K., over the next three years. For more detail and analysis of the survey findings, please visit the Global Megatrends in Cybersecurity 2015 report and infographic illustrating the survey findings.
Methodology
The Raytheon Mega Trends Survey: 2015-2018 was fielded by Ponemon Institute from December 1-21, 2014. The responses were generated from a survey of (1,006 senior information security executives) in the U.S., Europe, Middle East and North A