The latest edition of the EY Global Information Security Survey study reveals that almost 60% of surveyed organizations have faced an increasing number of disruptive IT attacks in the past 12 months. Despite the exponential rise of threats, only 36% of companies say that cybersecurity is one of the essential points in planning a new digital business initiative.
The EY study also found that, throughout 2019, 23% of successful cyber attacks were carried out by organized crime groups. The company reveals that in the past year, activists have been responsible for 21% of the attacks.
In a press release, Srgio Martins, an associate partner at EY, underlines that, in the coming months, the activist groups will increase the attacks due to the reaction of the COVID-19 pandemic organizations.
The official explains that the IT security strategy of many organizations is not based on sustainable models. Cybersecurity has traditionally been a compliance-oriented activity, carried out using checklist approaches, rather than being incorporated from scratch into initiatives supported by technologies, says the official.
According to Srgio Martins, companies need to focus on creating a culture of security by design in order to anticipate threats. This can only be achieved if we are able to bridge the divide between cybersecurity and business functions and allow the Chief Information Security Officer (CISO) to act as a consultant and facilitator instead of being a stereotyped obstacle.
The EY study indicates that, in many organizations, there is a latent separation between cybersecurity teams between and other business areas. For example, 74% of respondents say that the relationship between the IT security department and the marketing department turns out to be non-existent. Altogether, 64% say the same about research and development teams and 59% about business lines. More than half also say that the relationship with the finance department is also tense.
According to Srgio Martins, as companies go through the digital transformation process, it is necessary to develop trusting relationships between all departments. This collaboration is even more critical in the pandemic times that we live in, where we are seeing a great acceleration in the digitization of organizations and new ways of working, namely remote work, which bring increased risks.