Lack of trust ranked as the biggest security concern by security decision-makers globally.
Kroll conducted a survey of 1,000 senior information security decision-makers based in North and South America, APAC and EMEA. Respondents were from organizations with between $50 million and $10 billion in revenue, across multiple sectors. Our goal was to understand the current state of cyber defense, the levels of organizational trust, and how true cyber maturity links to trust in helping organizations stay ahead of the curve in a constantly evolving threat landscape.
Our findings reveal a concerning inconsistency between organizations’ level of trust in their own cybersecurity status and their readiness to achieve true cyber resilience.
Key Highlights Include:
Security decision-makers place trust and confidence in their teams and technology to protect their organizations, but many display an ‘over-confidence’. Over a third (37%) of senior security decision-makers interviewed report they ‘completely trust’ their organization is protected and can successfully defend against most/all cyber-attacks, indicating a level of over-confidence in being able to defend against all potential threats.
This ties in with research conducted by Kroll in 2022, CFO Cyber Security Survey: Over-Confidence is Costly, which found that CFOs are also over-confident in their companies’ ability to defend against cybersecurity incidents.
For any organization looking to effectively defend against cyber threats, it is essential that they understand what they are protecting against and which tools to implement to protect themselves in the long term.
Most organizations are using multiple platforms for cybersecurity – with eight platforms used on average.
Interestingly, the higher the average number of platforms used, the more cybersecurity incidents the organizations have experienced.
95% of security decision-makers feel that improvements are needed in the level of trust given by senior leadership.
When it comes to specific departments, information security decision-makers have understandably significant levels of trust in information security teams (94%). When looking at the methods to prevent a cyberattack, respondents state that they trust their fellow employees’ abilities to avoid falling victim to a cyber incident (66%) above all else.
Trust in employees is ranked higher than the ability of the security team to identify and prioritize security gaps (63%), accuracy of data alerts (59%), effectiveness of cybersecurity tools and technologies (56%), and the accuracy of threat intelligence data (56%).
An overwhelming majority (98%) agree there is a cost to a lack of trust in the workplace, and this cost can be far-reaching.
The full report also covers:
What do information security decision-makers view as effective ways to build trust?
What are seen as the key limiting factors to achieving cyber resilience?
How do organizations leverage outsourcing and MDR?
What is perceived as the most frequent cause of loss of trust?
For access to the full results, complete the form to download the report.