More than nine out of 10 companies globally are maintaining or increasing their investment in cybersecurity to combat the ever increasing threat from cyber-attacks, according to a new survey released by Ernst & Young Solutions (EY).
EY's 16th annual Global Information Security Survey 2013 covered over 1,900 senior executives worldwide.
This year’s results show that as companies continue to invest heavily to protect themselves against cyber-attacks, the number of security breaches is on the rise and it is no longer of question of if, but when, a company will be the target of an attack.
Three out of 10 (31%) of respondents report the number of security incidents within their organization has increased by at least 5% over the last 12 months.
“Cybercrime is the greatest threat for organizations’ survival today,” said Ken Allan, global information security leader at EY. “While budget allocations toward security innovation are inching their way up, enabling organizations to channel more resources toward innovating solutions that can protect them against the great unknown – the future – many information security professionals continue to feel that their budgets are insufficient to address mounting cyber risks.”
Despite half of the respondents planning to increase their budget by 5% or more in the next 12 months, 65% cite an insufficient budget as their number one challenge to operating at the levels the business expects. Among organizations with revenues of $10 million or less, this figure rises to 71%.
Further, although information security is focusing on the right priorities, in many instances, the function doesn’t have the skilled resources or executive awareness and support needed to address them.
In particular, the gap is widening between supply and demand, creating a sellers’ market, with half of respondents citing a lack of skilled resources as a barrier to value creation.
Similarly, where only 20% of previous survey participants indicated a lack of executive awareness or support, 31% now cite it as an issue.