Well, this is both disheartening and unsurprising: information technology (IT) security professionals give global cybersecurity efforts a “C” in terms of readiness and response capability, with cloud computer infrastructure rating a “D” in terms of its cyber defenses.
Those grades come from the 2016 Global Cybersecurity Assurance Report Card crafted annually by Tenable Network Security, which surveyed 504 IT security professionals around the world back in August working for companies with 1,000 or more employees.
Needless to say, with the threat of cyberattacks rising every day, especially towards trucking (go here, here and here for some examples), those kinds of findings don’t inspire much confidence when it comes to digital security.
“What this tells me is that while security innovations solve specific new challenges, practitioners are struggling to effectively deploy an overarching security strategy without gaps between defenses,” noted Ron Gula (at left), Tenable’s CEO, in his firm’s report.
“It’s no surprise that many in the profession feel overwhelmed by the increasingly complex threat environment,” he stressed. “Recent, cyberattacks have disrupted business for leading global companies, infiltrated governments and shaken confidence among security practitioners. With so much at stake, organizations need to know whether their security programs are effective or if they are falling short.”
Tenable’s “Report Card” tallied responses from six countries and seven industries, and also calculated a global score reflecting the overall confidence levels of security practitioners that the world’s cyber defenses are meeting expectations.
According to survey data, global cybersecurity earned an overall score of 76% – an underwhelming “C” average – with nearly 40% of respondents feeling “about the same” or “more pessimistic” about their organizations’ ability to defend against cyberattacks compared to last year.
Respondents also consistently cited cloud applications (graded D+) and cloud infrastructure (D) as two of the three most challenging IT components for assessing cybersecurity risks, Tenable said.
Mobile devices (D) also were reported as particularly challenging when assessing cyber risks. The inability to even detect transient mobile devices in the first place (C) was another big challenge for the world’s security practitioners, the firm noted.
And it doesn’t seem like many of those concerns are filtering up the chain of command, as the IT security pros in this poll gave executives and board members fa “C+” in terms of their understanding of cybersecurity risks and only a “C” in terms of investing enough to mitigate them.
Here are a few other factoids Tenable gleaned from its poll:
Overall Cybersecurity Assurance Report Cards by Country
- Australia: D+ (69%)
- Canada: C+ (77%)
- Germany: C- (72%)
- Singapore: C- (72%)
- United Kingdom: C (74%)
- United States: B- (80%)
Overall Cybersecurity Assurance Report Cards by Industry
- Education: D (64%)
- Financial Services: B- (81%)
- Government: D (66%)
- Health Care: C (73%)
- Manufacturing: C (76%)
- Retail: C+ (77%)
- Telecom & Technology: B- (81%
“These index scores reflect a startling lack of ability to detect and assess cyber risk in cloud infrastructure and cloud applications, as well as mobile devices,” noted Gula.
“Another concern is the uphill battle security professionals’ face in mobilizing their organizations’ leadership to prioritize security,” he pointed out. “There’s a disconnect between the CISO [chief information security officer] and the boardroom that must be bridged before real progress can be made.”
Let’s hope we start bridging that gap soon, to help the freight world be less vulnerable on the digital front.