The majority of cyber security executives claim that they do not have the resources to deal with attacks.
According to a new survey by SolarWinds MSP and Ponemon Institute, most respondents said that they did not think their organisation had the budget or technology to deal with cybersecurity threats. Just 45 per cent said that they had the technology to prevent, detect, and contain cyber security threats, while only 47 per cent felt that they had enough budget to cope.
Equally worrying was the lack of knowledge the respondents claimed to have. The survey revealed that while most agree attacks are increasing, they are confused about what threats pose the most risk and lack the means to defend against them. The survey found that while a majority (69 per cent) of respondents had a high awareness of both WannaCry and Petya threats, they were far less aware of the potential of Vault 7 threats, with the highest level of awareness at 30 per cent.
“The lack of knowledge among senior-level security executives is worrying—they know that attacks are on the increase, but many don’t know what they are and seem unable to effectively prevent them,” said Larry Ponemon, Founder, Ponemon Institute. “Better use needs to be made of the resources available, such as US CERT alerts, and the service providers that most businesses are using to outsource protection. Those providers also need to step up and provide education on where most attacks are coming from and how they can be prevented.”
Meanwhile, Tim Brown, VP of security architecture at SolarWinds MSP said that ‘there is a role for managed service providers (MSPs) to play based on this research, by supporting companies as they navigate the ever-evolving security threats businesses face’.
He added: “It’s a bit like the wild west now, as we saw from the widespread fallout from WannaCry and Petya, and may still see from Vault 7 if those leaks are more widely exploited. Indeed, we have no crystal ball to know what threats lie on the horizon. Businesses need help with everything from awareness to technology to specialized staff. This study supports a view that MSPs have a unique opportunity to expand their security offerings to meet this need by filling gaps that can’t be easily filled in house.”