In late 2018, SIA partnered with ESI Thoughtlab, WSJ Pro Cybersecurity and a coalition of other organizations to release The Cybersecurity Imperative, a benchmarking study of the cybersecurity practices and initiatives of global organizations. One key finding of the the global benchmarking study is that the speed of digital transformation is heightening cyber risks for companies as they embrace new technologies, adapt open platforms and leverage ecosystems of partners and suppliers.
The research shows that cybersecurity is further complicated by the “digital backlash”: companies whose cybersecurity practices do not keep pace with their digital transformation initiatives are more likely to see $1 million or more in losses from cyberattacks, and digital leaders in the early stages of cybersecurity have a 27% chance of suffering a major attack, compared with a 17% chance for digital leaders with advanced cybersecurity systems.
The leading cyber threat vectors in 2018 were:
- Malware (81%)
- Phishing (64%)
- Ransomware (63%)
Additionally, by 2020, the research predicts the following increases in cyber threat vectors by 2020:
- Attacks through partners, customers and vendors (247% growth)
- Supply chains (146%)
- Denial of service (144%)
- Apps (85%)
- Embedded systems (84%)
Surveyed companies see high risks from external threat actors, such as unsophisticated hackers (cited by 59% of firms), cybercriminals (57%) and social engineers (44%), but the greatest threat lies with untrained general staff (87%). Another 57 percent of firms see data sharing with partners and vendors as their main IT vulnerability. Nonetheless, only 17 percent of companies have made significant progress in training staff and partners on cybersecurity awareness.
Pioneering research program The Cybersecurity Imperative is based on a global survey of 1,300 organizations across industries and region, research input from a high-level advisory panel, in- depth interviews with CISOs and leading experts and rigorous benchmarking analysis. The research was conducted in the second quarter of 2018 by ESI ThoughtLab and research partner WSJ Pro Cybersecurity in conjunction with a diverse coalition of sponsors, including SIA, Baker McKenzie, CyberCube, HP Inc., KnowBe4, Opus, Protiviti and Willis Towers Watson. offerings include the full research report, a complimentary thought leadership ebook, a white paper and a cybersecurity benchmarking tool. Learn more and access the resources.