Skip to content

Brought to you by

Dentons logo

Privacy and Cybersecurity Law

Coverage and commentary on developments in data protection.

open menu close menu

Privacy and Cybersecurity Law

  • Home
  • About Us

Survey Says…Cybersecurity Remains A Critical Challenge For Business

By Peter Stockburger
March 23, 2018
  • Consumer Protection
  • Data Breach
  • Privacy Rights
Share on Facebook Share on Twitter Share via email Share on LinkedIn

On March 14, 2018, IBM Security announced the results of a new global study on organizational cybersecurity readiness and resiliency entitled “The 2018 Cyber Resilient Organization.” The new survey includes insights from more than 2,800 security and IT professionals, and makes clear that cybersecurity readiness and resilience remain a critical challenge for businesses worldwide:

  • 77% of respondents admit they do not have a formal cybersecurity incident response plan applied consistently across their organization;
  • 77% of respondents report having difficulty retaining and hiring quality IT security professionals;
  • 50% of respondents believe their incident response plan is either informal, ad hoc, or non-existent;
  • 60% of respondents consider lack of investment in artificial intelligence and machine learning as the biggest barrier to achieving cyber resilience;
  • 31% of respondents believe they have an adequate cybersecurity budget in place;
  • 29% of respondents report having ideal staffing to achieve cyber resilience; and
  • 23% of respondents say they do not currently have a CISO or security leader.
Cyber resiliency and preparedness remain a challenge for businesses worldwide.

Despite these results, 72% of respondents report feeling more cyber resilient than they were last year. Is this confidence misplaced?

The new results largely track the results of PricewaterhouseCoopers’ Global State of Information Security Survey (GSISS) 2018, which found that of the more than 9,500 senior executives surveyed in 122 countries:

  • 67% have an internet of things (IoT) security strategy in place or are currently implementing one;
  • 36% have uniform cybersecurity standards and policies for IoT devices and systems;
  • 34% have new data collection, retention and destruction policies; and
  • 34% assess device and system interconnectivity and vulnerability across the business ecosystem.

These low results for cyber preparedness and resiliency present a significant risk for business. In its Global Risk Report 2017, the World Economic Forum found that “large-scale cyber-attacks or malware causing large economic damages” or “widspread loss of trust in the internet” remain the primary business risks in North America.

Organizations must be better prepared for cybersecurity incidents, which can result from unintentional events or deliberate attacks by insiders or third parties, such as cyber criminals, competitors, nation-states, and “hacktivists.” A prior IBM Study on the cost of data breaches found, using a sample of 419 companies in 13 countries and regions, that 47% of data breach incidents in 2016 involved a malicious or criminal attack, 25% were due to negligent employees or contractors (i.e., a human factor), and 28% involved system glitches, including IT and business process failures.  Organizations that fall victim to successful cyber attacks or experience cyber incidents may incur substantial costs and suffer significant consequences, including remediation costs, increased cybersecurity protection costs, lost revenue, litigation and legal risk, reputational damage, increased insurance premiums, and damage to the organization’s competitiveness and shareholder value.

Making things more complicated, there are number of new regulatory regimes requiring covered enterprises to develop robust cybersecurity policies, safeguards, and incident response plans, including the New York Department of Financial Service Cybersecurity Rules and the US Security and Exchange Commission’s recent guidance on cybersecurity risk and incident disclosures.

If you or your enterprise are looking to assess your current cybersecurity practices, risk profile, or incident response preparedness, including legal compliance, or create new systems, policies, and processes, the Dentons cybersecurity team is prepared to help.

Dentons is the world’s largest law firm, a leader on the Acritas Global Elite Brand Index, a BTI Client Service 30 Award winner, and recognized by prominent business and legal publications for its innovations in client service, including founding Nextlaw Labs and the Nextlaw Global Referral Network. The Dentons Privacy and Cybersecurity Group operates at the intersection of technology and law, and has been singled out as one of the law firms best at cybersecurity by corporate counsel, according to BTI Consulting Group.  

 

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Peter Stockburger

About Peter Stockburger

Peter Stockburger is the office managing partner for the Firm's San Diego office, a member of the Firm's Global Data Privacy and Venture Technology Groups, and co-lead of the Firm's Autonomous Vehicles practice. With a focus on data privacy and security, Peter partners with clients around the globe to leverage data and talent to grow, operate, and protect their business.

All posts Full bio

RELATED POSTS

  • Data Breach
  • Enforcement
  • Government Information
  • Health Information Privacy
  • New and Proposed Laws
  • Privacy Rights
  • United States

White House Issues Presidential Directive Coordinating Government Response To “Cyber Incidents”

By Peter Stockburger
  • Privacy Rights

In-Store Tracking: Mobile Location Analytics

In the wake of the negative publicity that Nordstrom received from its use of mobile location analytics (MLA) in a […]

By Todd Daubert
  • Consumer Protection
  • Marketing, Cookies & Spam
  • United States

6 Month Countdown to Canada’s Anti-Spam Legislation (CASL)

Canada’s Anti-Spam Legislation (CASL) has been a long time coming.  The Government of Canada announced today that most of CASL’s provisions […]

By Margot Patterson

About Dentons

Dentons is designed to be different. As the world’s largest law firm with 20,000 professionals in over 200 locations in more than 80 countries, we can help you grow, protect, operate and finance your business. Our polycentric and purpose-driven approach, together with our commitment to inclusion, diversity, equity and ESG, ensures we challenge the status quo to stay focused on what matters most to you. www.dentons.com

Dentons boilerplate image

Twitter

Categories

  • Accountability
  • Asia Pacific
  • Canada
  • Cloud Computing
  • Consumer Protection
  • Cybersecurity
  • Data Breach
  • Data Transfers
  • Employee Privacy
  • Enforcement
  • Europe
  • General
  • Government Information
  • Health Information Privacy
  • Latin America
  • Marketing, Cookies & Spam
  • New and Proposed Laws
  • Privacy Notices
  • Privacy Rights
  • Record Retention
  • Smart Cities
  • United Kingdom
  • United States

Subscribe and stay updated

Receive our latest blog posts by email.

Stay in Touch

Dentons logo

© 2023 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site