Press "Enter" to skip to content

Businesses pay price for poor security in lost customers and falling revenue

Over one third of organisations that experienced a cyber security breach in 2016 reported customer, opportunity and revenue loss of more than 20%, Cisco claims in a new study, the Cisco 2017 Annual Cybersecurity Report (ACR).

The survey of 3,000 chief security officers (CSOs) and security operations leaders in 13 countries reveals that 22% of breached organisations lost customers, of which 40% lost more than 20% of their customer base; 29% lost revenue, of which 38% reported losses of more than 20%; and 23% lost business opportunities, of which 42% lost more than 20%.

After experiencing a breach, 90% of affected organisations chose to improve their defences and processes by separating IT and security functions (38%), increasing security awareness training for employees (38%) and implementing risk mitigation techniques (37%).

Budget constraints, poor compatibility of systems and a lack of trained talent are seen as the biggest barriers to enhanced security.

Another problem highlighted by the report is the complexity of security environments, with 65% of organisations employing from six to 50 plus security products. Cisco warns that this increases the potential for security effectiveness gaps and helps explain why 2016 saw a resurgence of ‘classic’ attack vectors, such as adware and email spam.

Cisco says spam has reached levels not seen since 2010, accounting for 65% of email traffic, and that 8-10% of spam messages are malicious.

It advises organisations to take the following steps to protect themselves:

Make security a business priority: Executive leadership must own and evangelise security and fund it as a priority.

Measure operational discipline: Review security practices and patch and control access points to network systems, applications, functions and data.

Test security effectiveness: Establish clear metrics to validate and improve security practices.

Adopt an integrated defence approach: Make integration and automation high on the list of assessment criteria to increase visibility, streamline interoperability and reduce the time to detect and stop attacks.

www.cisco.com

Please follow and like us:

Be First to Comment

Leave a Reply

2018