Anna Forrester
PwC has unveiled the “2015 U.S. State of Cybercrime Survey,” which found that few organizations have established stronger cybersecurity measures despite the increase in attacks and the greater role of organization leaders in cyber decision-making.
PwC said July 16Â that 79 percent of respondents detected a cybersecurity incident in the past year, with 163 reported incidents on average per organization.
More than 500 executives from U.S. businesses, government agencies and law enforcement entities contributed to the survey.
PwC said it collaborated with International Data Group‘s CSO publication, the U.S. Secret Service and the Software Engineering Institute’s CERT Division at Carnegie Mellon University to conduct the survey and analyze the resulting data.
The survey also indicated that many organizations have not adopted important practices such as financial damage assessments and industry collaboration or information sharing, even as the percentage of executives concerned about cyber risks also increased to 76 percent and 45 percent increased cyber spending.
“High-profile incidents teach us over and over again that no system is immune — and that speed to identify and respond is of the essence when it comes to combating cyber threats and reducing the risk and associated damages,” said David Burg, global and U.S. cybersecurity leader at PwC.
“Greater transparency and visibility into the threat landscape can lead to more action from corporate boards, rapid and informed decision-making, appropriate investments in spend and resources, and greater agility when responding to threats.”
The survey identified malicious code, phishing, spyware, distributed denial of service and ransomware as the most frequent types of attacks originating externally, which can include risks from third parties such as partners, contractors and suppliers.
According to the survey team, cyber threats should be made a board governance concern due to their potential systemic impact on business, finances and even brand reputation.
