discover our V.D.R.

Cybersecurity for corporate growth: companies increase investments

Dicember 2018

Cybersecurity for corporate growth: companies increase investments

Approximately 6.4 billion fake emails every day, 550 million phishing emails sent in a single campaign during the first quarter of this year, 2 billion records containing personal or confidential data were compromised between January 2017 and March 2018: a wave that has not only invaded personal accounts and corporate servers all over the world, but most of all, 3.62 million dollars worth of damage for every case of data theft. «Cyber risks are evolving. An organization that believes they are protected from a cyber-attack is probably about to undergo one» says Paul van Kessel, EY Global Advisory Cybersecurity Leader, commenting the results of the EY Global Information Security Survey, conducted among more than 1400 senior executives, IT and information security managers.

Cybersecurity as a growth factor

The survey seems to confirm just that: 87% of companies worldwide and nearly all of Italian companies (97%) has inadequate resources to respond to the level of IT security required. One out of four companies, in Italy as in the rest of the world, is convinced of not being able to identify a sophisticated attack but the majority does not have a protection plan integrated in their corporate strategy and in their executive plans. The latter is a delicate point, because as van Kessel repeats, cybersecurity must not aim at simply protecting, and most of all, it must not be a holdback on innovation and change, but it must provide a positive contribution to the business. Three points stand out from this survey: «Protect the company» focusing on identifying the assets and building the lines of defence; «Optimizing cybersecurity» by increasing efficiency and reinvesting resources in emerging and innovative technologies that can enhance the protection already achieved; «Allow growth» by implementing the approach “security-by-design” as a key factor in the digital transformation of the organization.

An increased awareness increases the corporate budget

Will companies press this accelerator? In Italy, the research says that less than half (45%) of the companies have invested in services related to cybersecurity in the last three years and 60% intend to expand the budget dedicated to security even 10% more compared to what has currently been done. Objectives that promise to further increase the value of the cybersecurity sector, which in 2018 should rise to 1.5 billion euros. The awareness of the centrality of the issue is increasing globally: senior managers have turned on their radar on these criticalities/opportunities and Chief Information Officers are entrusted with the ultimate responsibility in an increasing number of cases. The priorities of 2018 were cloud computing, cybersecurity analytics, mobile computing and the internet of things. In Italy, in particular, this will be the area in which investments will increase (+44%).

Cybersecurity per la crescita

Vulnerability: major risks by negligent employees

The internet of things, probably because of limited knowledge, is currently not considered one of the biggest threats to an organization’s IT security. In the last twelve months, the most feared vulnerabilities are negligence or low awareness of behalf of employees, the presence of obsolete security systems and unauthorized access. Other weaknesses identified by the managers are the use of the cloud, mobile devices and social media. The methods of attack are mainly phishing and malware.