Enterprises fail to act on cybersecurity

William Blake: War - WIkimedia CommonsIt won’t be until 2018 that large enterprises will have proper plans to protect themselves from cyber attacks causing business disruption.

And, even then, only 40 percent of these organisations will have such plans.

That’s what a report from Gartner says, which warns that chief information security officers need to set their priorities/

Gartner thinks the frequency of a cyber attack on a large scale is low, but if it does happen, the implications are sever.

Paul Proctor, a VP at Gartner warns that servers can be downed, data wiped, and digital intellectual property published to the internet – as happened with Sony late last year.

“Employees may not be able to fully function normally in the workplace for months. These attacks may expose embarrassing internal data via social media channels and could have a longer media cycle than a breach of credit card or personal data,” he said.

He also pointed out that avoiding a compromise in a large computer enterprise “is just not possible”. Instead, those responsible should concentrate on firewalls, antivirus and vulnerability management, as well as increasing detection and response capabilities.

The Internet of Things (IoT) will expand the attack surface so enterprises need to pay better attention, and spend more money on preventing attacks.