Safety by the numbers 

According to research from RSA, The Security Division of EMC, 75 per cent of the survey’s 878 respondents have a significant cybersecurity risk exposure.

“Organizations of all sizes, in all industries and from all geographies feel unprepared for the threats they are facing,” says RSA President Amit Yoran.

The study reveals that investment in detection and response technologies is essential to cybersecurity.

Less mature companies are particularly inclined to implement more perimeter technologies – a serious mistake.

RSA warns that perimeter defense is less likely to detect malicious activity, and more likely to publicly expose critical business assets.

“Organizations need to set their agendas early, build comprehensive strategies and not wait for a breach to force them into action,” Yoran says.

In this regard, prevention alone is no longer enough.

“We need to change the way we are thinking about security, to focus on more than just prevention – to develop a strategy that emphasizes detection and response.”

Half of the surveyed companies assess their incident response capabilities as “ad hoc” or “nonexistent”, making it difficult to prioritize mitigation and investment.

RSA reports that industries with higher levels of maturity, such as aerospace and defense, are more likely to have developed or advantaged capabilities.

Less mature companies, like government and energy, are less than half as likely to share similar capabilities.

Companies can now take the assessment online to determine their own maturity levels.