A large number of organizations suffered data breaches one or more times in 2017, according to new research from security services provider Cygilant.

The company surveyed 165 IT and security professionals in the U.S. in late 2017 and early 2018, and found that more than half of the respondents (53 percent) think their company was breached once or more in 2017.

The findings overall show a lack of confidence in organizations’ ability to protect customer data, with only 17 percent of them saying they’re confident they can successfully protect customer data. A majority (68 percent) of those surveyed cite a lack of company resources, including budget and time, as a top cyber security challenge.

In other findings, 81 percent of the organizations have underfunded IT security budgets or no budget at all; 15 percent are confident in current cyber security technologies; 63 percent conduct cyber security training once a year or less; 25 percent rate phishing and spam as a top five concern but have no formal employee awareness program; and 46 percent review their cyber security program with the board of directors or senior executives once a year or less.

“It’s important that businesses understand the cyber security challenges they’re facing,” said Neil Weitzel, director of security research at Cygilant. “Companies are still understaffing and underfunding cyber security initiatives and aren’t providing the ongoing security awareness training to employees required to protect against relentless attacks by adversaries.”

Register or login for access to this item and much more

All Digital Insurance content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access

Bob Violino

Bob Violino

Bob Violino is a freelance technology and business writer who covers a variety of topics, including big data and analytics, cloud computing, information security and mobile technology.