Organizations need to take charge of their cybersecurity efforts to ensure they are well-equipped to deal with this growing threat.
This is one of the main findings of the second annual RSA Cybersecurity Poverty Index, which also highlighted the increased risk firms face today.
Its analysis revealed that approximately 75% of organizations worldwide have a “significant cybersecurity risk exposure”.
While many businesses acknowledge that cybercrime and cyberattacks are growing security concerns, many are slow to respond in the most appropriate way, the paper suggested.
For example, approximately half of all firms polled for the study admitted that their incident response capabilities are either “ad-hoc” or “non-existent”.
Further, the authors of the paper touched upon the fact that many organizations are reactive when it comes to bolstering their defenses.
They found that investment in cybersecurity solutions and programs tends to come only after they experience a cyberattack.
“We need to change the way we are thinking about security, to focus on more than just prevention."
“We need to change the way we are thinking about security, to focus on more than just prevention – to develop a strategy that emphasizes detection and response,” said Amit Yoran, president of the RSA.
“Organizations need to set their agendas early, build comprehensive strategies and not wait for a breach to force them into action.”
While there is still a lot to do, the report did record some progress over the past 12 months.
It observed that since 2015’s index, there has been a noticeable increase in the number of businesses now benefiting from “mature cybersecurity programs”.
News of this comes on the back of a similar study from Gemalto, which found that 69% of IT decision-makers are unconfident that their companies data would be secure following a data breach.