And per usual, legacy IT and lack of employee expertise are challenges.
The growing internet of things and increasingly sophisticated malware are putting global organizations at a greater risk for cyberattacks, but leaders aren’t doing enough to bolster their groups’ security, according to a pair of reports.
Researchers at Raytheon and the Ponemon Institute found more than 80 percent of cybersecurity and IT experts predict unsecured internet of things devices will cause a potentially “catastrophic” data breach at their organizations within the next three years.
Two-thirds of respondents also expect to see an increase in ransomware attacks between now and 2021, and 60 percent said nation-state attacks will intensify during that period and potentially lead to a cyber war.
The study was conducted in late 2017 and included perspectives from more than 1,100 senior IT specialists from the U.S., Europe, Middle East and North Africa.
Participants said the growing number of internet-connected devices will present the single biggest cybersecurity risk during the next three years, followed by the personal mobile applications, artificial intelligence and the rise of cryptocurrencies. Artificial intelligence will become increasingly crucial for bolstering groups’ cyber defenses in the coming years, according to 71 percent of respondents.
But despite the growing number of worldwide cyber threats, the majority of IT specialists don’t believe their organizations’ leaders are prioritizing online security, researchers found. More than half the participants said their groups’ cybersecurity will remain the same or worsen by 2021, citing subpar IT infrastructure and a lack of employee expertise as the biggest contributors to the decline.
In Cisco’s annual cybersecurity report, researchers also highlighted how an inability to hire and retain cyber experts “can interfere with an organization’s ability to investigate and remediate certain types of threats.”
“Without the right talent in place, defenders can’t deploy new technology and processes that could help to strengthen their security postures,” they wrote.
Of the more than 3,600 worldwide IT leaders included in the Cisco report, more than one-third said budget constraints presented the biggest barrier to increasing cybersecurity. Roughly a quarter of participants each cited compatibility with legacy IT and a lack of trained personnel as the single largest obstacle.
The government has also found itself with a surplus of vacant technology jobs and a lack of qualified applicants to fill them. In September 2017, agencies employed roughly 4.5 IT specialists age 60 and over for every one employee under the age of 30, according to data from the Office of Personnel Management.