Security Readiness Gap Costs U.S. Enterprises $3.5 Million per Year, Study Shows

Companies will likely lose more than $3.5 million per year because they can”t properly manage external cybersecurity attacks, according to a recent survey by Ponemon Institute and BrandProtect.

Concluding that 79 percent of IT and IT security professionals lack the infrastructure to accurately and quickly identify external cyberattacks, the survey also showed that organizations experience an average of more than one cybersecurity incident per month. External threats were more difficult to detect than internal threats, according to 62 percent of respondents, while 52 percent believe containment is more difficult.

With 79 percent of respondents saying they have no security processes for social media monitoring, 64 percent of security mangers believe they lack the proper tools to analyze and understand external threats, and 68 percent lack the same resources and tools for mitigating external threats.

“The majority of security leaders understand that these external internet threats imperil business continuity,” said Larry Ponemon, president of the Ponemon Research Institute. “The study highlights a gap in defenses against threats that have proven to be extremely effective for cyber criminals and costly for enterprises.”

Some 62 percent of respondents believe that mobile app monitoring is vital in understanding external cyberattacks, while social engineering and organizational reconnaissance ranked second on their priority monitoring list, with 61 percent.

Intellectual property was also deemed crucial in the company”s sustainability, with 59 percent of respondents agreeing that it needs to be given top protection against external cyberattacks. However, only 29 percent of those rated IP (intellectual property) security as “essential,” comparted to 31 percent who deemed it “very important.”

The study was conducted by BrandProtect and the Ponemon Institute on 591 IT and IT security professionals in the United States, 65 percent of whome were either CIOs (20 percent) or in IT security operations (45 percent).

Note: The article was updated to include BrandProtect as Ponemon Institute’s partner in crafting the report.