Cyber leaders consider ransomware a danger and threat to public safety. Yet they don’t feel consulted on business decisions and struggle to hire and retain talent, and that’s what keeps them awake at night.
In 2021, ransomware attacks rose by 151%. On average, there were 270 cyberattacks per organization, with each successful cyber breach costing a company $3.6 million.
According to the World Economic Forum (WEF), after a breach becomes public, an average share price of a hacked company underperforms the NASDAQ by -3% even six months after the event.
“We are at a crossroads, a point at which cyber resilience has become the defining mandate of our time – beyond foundational security controls – to anticipate future threats, withstand, recover from cyberattacks, and adapt to likely future digital shocks,” Algirde Pipikaite, Cybersecurity Strategy Lead at World Economic Forum, is quoted in a press release.
According to WEF’s recent report, The Global Cybersecurity Outlook 2022, 80% of cyber leaders consider ransomware a danger and threat to public safety. However, while cyber leaders understand the risks, many business executives think their companies are safe.
WEF highlighted a ‘troubling growing trend’ - on average, companies need nine months (280 days) to identify and respond to a cyberattack.
To put this into perspective, an incident that occurs on 1 January may not be fully contained until 8 October.
Another worrying trend highlighted by the WEF survey, written in collaboration with Accenture, is that nearly two-thirds of cyber leaders would find it challenging to respond to a cybersecurity incident due to the shortage of skills within their team.
“Companies must now embrace cyber resilience – not only defending against cyberattacks but also preparing for swift and timely incident response and recovery when an attack does occur,” Jeremy Jurgens, Managing Director at the World Economic Forum, is quoted in a press release.
The report underscores the key challenges cyber leaders face – collaborating with ecosystem partners and retaining and recruiting talent. 60% of respondents think it would be challenging to respond to a cybersecurity incident because they lack the skills within their team.
There are a couple more things that keep chief cybersecurity officers up at night. They don’t feel consulted on business decisions. They struggle to gain the support of decision-makers in prioritizing cyber risks – 7 in 10 see cyber resilience featuring prominently in corporate risk management.
Nearly 9 in 10 see SMEs as the weakest link in the supply chain – 40% of respondents have been negatively affected by a supply chain cybersecurity incident.
WEF stressed an urgent need to close the gap of understanding between business and security leaders.
More from CyberNews:
Subscribe to our newsletter