New CIO Report Shows That Six in 10 Businesses Struggle to Manage Cyber Risk
New CIO Report Shows That Six in 10 Businesses Struggle to Manage Cyber Risk
One in 10 businesses doesn't have an incident response plan
十分之一的企业没有事件响应计划
Highlights:
亮点:
- New Barracuda report explores why just 43% of organizations surveyed have confidence in their ability to address cyber risk, vulnerabilities, and attacks
- Around half find it hard to implement consistent, company-wide security policies
- A third worry about securing the supply chain
- The report features a cyber-resilience checklist template based on the NIST 2.0 framework
- 梭子鱼的新报告探讨了为什么只有43%的受访组织对自己应对网络风险、漏洞和攻击的能力充满信心
- 大约一半的人认为很难在全公司范围内实施一致的安全政策
- 第三是担心供应链的安全
- 该报告以基于NIST 2.0框架的网络弹性清单模板为特色
CAMPBELL, Calif., April 24, 2024 /PRNewswire/ -- Barracuda Networks, Inc., a trusted partner and leading provider of cloud-first security solutions, has today published the CIO report: Leading your business through cyber risk, which explores the top governance challenges facing companies trying to manage cyber risk and boost their cyber resilience. The report offers practical tools such as a checklist template, created with Barracuda's own IT and security leadership, to help companies navigate their way to resilience.
加利福尼亚州坎贝尔,2024 年 4 月 24 日 /PRNewswire/ — 梭子鱼 值得信赖的合作伙伴和云优先安全解决方案的领先提供商Networks, Inc. 今天发布了 首席信息官报告:领导企业应对网络风险, 它探讨了试图管理网络风险和增强网络弹性的公司面临的主要治理挑战。该报告提供了诸如清单模板之类的实用工具,该模板由梭子鱼自己的IT和安全领导层创建,以帮助企业走向复原之路。
Leveraging data from the international Cybernomics 101 study, the report assesses how challenges relating to security policies, management support, third-party access, and supply chains can undermine a company's ability to withstand and respond to cyberattacks.
该报告利用国际Cybernomics 101研究的数据,评估了与安全政策、管理支持、第三方访问和供应链相关的挑战如何削弱公司抵御和应对网络攻击的能力。
Among other things, the findings show that many organizations find it hard to implement company-wide security policies such as authentication measures and access controls. Half (49%) of the smaller to mid-sized companies surveyed listed this as one of their top two governance challenges. Further, just over a third (35%) of the smaller companies worry that senior management doesn't see cyberattacks as a significant risk, while the larger companies are most likely to struggle with a lack of budget (38%) and skilled professionals (35%).
除其他外,调查结果表明,许多组织发现很难实施全公司范围的安全政策,例如身份验证措施和访问控制。在接受调查的中小型公司中,有一半(49%)将此列为两大治理挑战之一。此外,略超过三分之一(35%)的小型公司担心高级管理层不将网络攻击视为重大风险,而较大的公司最有可能因缺乏预算(38%)和熟练的专业人员(35%)而苦苦挣扎。
Many organizations have concerns about a lack of security and control over the supply chain and visibility into third parties with access to sensitive or confidential data. Around one in 10 doesn't have an incident response plan to turn to in the event of a successful breach.
许多组织担心供应链缺乏安全性和控制力,也担心可以访问敏感或机密数据的第三方的可见性。大约十分之一的人没有在成功发生违规行为时可以求助的事件响应计划。
"For many businesses today, a security incident of some kind is almost inevitable," said Siroui Mushegian, CIO of Barracuda Networks. "What matters is how you prepare for, withstand, respond to, and recover from the incident. This is cyber resilience. Advanced, defense-in-depth security solutions will take you most of the way there, but success also depends on security governance — the policies and programs, leadership, and more that enable you to manage risk. When NIST updated its benchmark cybersecurity framework earlier this year, it added security governance as a strategic priority."
他说:“对于当今的许多企业来说,某种安全事件几乎是不可避免的。” 梭子鱼网络首席信息官西鲁伊·穆希吉安。 “重要的是你如何准备、承受、应对和从事件中恢复。这就是网络弹性。先进的深度防御安全解决方案将带您走向成功的大部分道路,但成功还取决于安全治理,即使您能够管理风险的政策和计划、领导力等。当NIST在今年早些时候更新其基准网络安全框架时,它将安全治理列为战略优先事项。”
The report offers practical templates to help organizations manage cyber risk and map where they are in their journey toward cyber resilience. The cyber resilience checklist draws on the latest iteration of the U.S. National Institute of Standards and Technologies (NIST) Cybersecurity Framework and can be freely downloaded and printed from the Barracuda website.
该报告提供了实用的模板,可帮助组织管理网络风险,并绘制他们在网络弹性之旅中的处境。网络弹性清单借鉴了美国国家标准与技术研究所(NIST)网络安全框架的最新版本,可以从梭子鱼网站免费下载和打印。
Resources:
Get a copy of the report:
Get a standalone copy of the cyber resilience check list:
Check out the blog post:
资源:
获取报告的副本:
获取网络弹性清单的独立副本:
查看博客文章:
Methodology for the Cybernomics 101 research
The research data comes from the Cybernomics poll of 1,917 IT security practitioners from companies with 100 to 5,000 employees across various industries in the United States (522), the United Kingdom (372), France (329), Germany (425), and Australia (269) in September 2023. The final sample of respondents represented enterprises with between 100 and 5,000 employees. All respondents are involved in the management of their organization's IT security functions or activities.
Cyberonomics 101 研究的方法论
研究数据来自Cybernomics于2023年9月对来自美国(522人)、英国(372人)、法国(329人)、德国(425人)和澳大利亚(269人)不同行业拥有100至5,000名员工的公司的1,917名IT安全从业人员的民意调查。最终的受访者样本代表拥有100至5,000名员工的企业。所有受访者都参与其组织IT安全职能或活动的管理。
About Barracuda
At Barracuda we strive to make the world a safer place. We believe every business deserves access to cloud-first, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers' journey. More than 200,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level. For more information, visit barracuda.com.
关于梭子鱼
在梭子鱼,我们努力让世界变得更安全。我们认为,每家企业都应该获得云优先的企业级安全解决方案,这些解决方案易于购买、部署和使用。我们使用创新的解决方案保护电子邮件、网络、数据和应用程序,这些解决方案会随着客户的旅程而增长和适应。全球有超过20万个组织信任梭子鱼来保护他们(他们甚至可能不知道自己面临风险),因此他们可以专注于将业务提升到一个新的水平。欲了解更多信息,请访问 barracuda.com。
Barracuda Networks, Barracuda and the Barracuda Networks logo are registered trademarks or trademarks of Barracuda Networks, Inc. in the U.S. and other countries.
梭子鱼网络、梭子鱼和梭子鱼网络徽标是梭子鱼网络公司在美国和其他国家的注册商标或商标。
Contact:
Anne Campbell
Barracuda Networks, Inc.
978-328-1642
[email protected]
联系人:
安妮坎贝尔
梭子鱼网络有限公司
978-328-1642
[电子邮件保护]
SOURCE Barracuda Networks, Inc.
来源 Barracuda Networks, Inc.